The US government has warned all iPhone and iPad users about a vulnerability in Apple s iOS mobile operating system. The vulnerability, which was revealed by security research firm FireEye earlier this week, allows hackers to access users private information, Reuters reports. In a separate statement to iMore, Apple has downplayed the significance of the vulnerability saying that it isn t actually a vulnerability. Also Read - Apple TV Plus for free: PS5 owners get six months subscription free of costAlso Read - This photo shot with iPhone X by an Indian wins iPhone Photography Awards
Security research firm FireEye revealed a vulnerability called Masque Attack which lets hackers to replace the authenticate apps installed on a user s iOS-powered device with malicious copies. The illegitimate app is also able to access the cached data, which often consists of logs, login credentials and other sensitive information. Also Read - Top Apple gadgets, accessories for less than Rs 15,000 for Apple fans
FireEye claimed it informed Apple about the vulnerability in July, but the iPhone maker hasn’t patched it yet. The same vulnerability was targeted by a malware named WireLurker last month which affected many devices. In an online bulletin, the National Cybersecurity and Communications Integration Center, and the US Computer Emergency Readiness Teams advised users to not download any app from any other source than Apple s official App Store or from their own organization. It further notes that a user should not click on Install popups when surfing the web. If their device ever warns Untrusted App Developer , users should click on Don t Trust .
Apple, though gave little weight to the exploit, and said it is not aware of any customer that is affected by the said vulnerability. The company, however, does encourage users to download apps only from trusted sources. “We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software,” an Apple spokesperson told iMore. “We’re not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any warnings as they download apps. Enterprise users installing custom apps should install apps from their company’s secure website.”