So, technically Apple released iOS 16.3 last month. But a major vulnerability seemingly went unaddressed in that release, hence now a fix is being rolled out. Naturally, the patch does other things too, as patches typically do, and you can view the full list here.
However, the PSA is as follows: update your iPhone 14 to the latest version asap, because this new release fixes a major security issue, which basically allowed third-parties to track your iPhone’s location without your consent or knowledge. Big oof.
The fix itself is under CVE-2023-23503 — and by the way, that stands for Common Vulnerabilities and Exposures — and is listed under Apple Maps in the fixlist. Apple has phrased it as the unalarming “logic issue” that allowed apps to “bypass Privacy preferences”.
Good thing that the vulnerability didn't also let apps spy on your camera feed.
But a report from AppleInsider adds some interesting details, as they managed to locate a user who allegedly already suffered from this exploit. The user in question — running iOS 16.2 at the time — was quick to notice that the app iFood was seemingly tracking their location, despite that being explicitly forbidden through Privacy Settings.
An important note is to be made here: there's no proof of malicious intent, and the company behind the app might’ve done this completely unintentionally. As of now, they haven’t come forward with a statement, and that may very well be because they never noticed the data coming in.
After installing the latest version of iOS and a quick reset, the user didn’t encounter any similar issues. As such, if you’d like to evade potentially risky situations like this, make sure to update your firmware as soon as possible.
The update is available now as both iOS and iPadOS for the following devices:
iPhone 8 and later
All iPad Pro models
iPad Air 3rd Gen and later
iPad 5th Gen and later
iPad mini 5th Gen and later
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
Stan, also known as Stako, is a smartphone enthusiast who loves exploring the limits of Android customization. His journey with mobile tech began with the Nokia 5110 and evolved with devices like the BlackBerry 9350 Curve and Samsung Galaxy A4. Despite his love for Android, he holds equal respect for Apple, considering the iPhone 4s as a significant milestone in mobile tech. Stan started his writing career early, contributing to MetalWorld, and harbors a passion for creative writing. Beyond smartphones, he's interested in photography, design, composition, and gaming, often preferring solo projects to hone his objective thinking. He's also an avid student of open-source technology and consoles, with a special fondness for the Pebble Watch, Arduboy, and Playdate.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: