14 DAY TRIAL // Apple’s new iOS 15 is now available for download, and in addition to all the new features that we’ve seen being discussed pretty much all over the web, the new operating system also comes with a series of security improvements hiding under the hood.
And one of the most important highlights is aimed at Face ID, as Apple explains that iOS 15 resolves a vulnerability affecting all models coming with the facial recognition system and allowing malicious actors to break into an iPhone using a 3D model.
In other words, if an iPhone comes with Face ID protection into place, then someone could use a 3D model specifically to get past the security checks, therefore making the facial recognition system believe it’s the owner trying to unlock the device.
Apple explains the flaw was discovered by Wish Wu of Ant-financial Light-Year Security Lab, and the way it was resolved is by improving Face ID’s anti-spoofing models.
Other security improvements
In addition, Apple says it has resolved an issue impacting Siri and allowing a malicious actor to see the contacts from the lock screen using the digital assistant.
“Impact: A local attacker may be able to view contacts from the lock screen Description: A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management,” Apple explains, adding that the vulnerability was reported by an anonymous researcher.
And last but not least, iOS 15 also includes a security path aimed at malicious Wi-Fi networks that could be accessed during the setup process.
“Impact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup Description: An authorization issue was addressed with improved state management,” Apple explains.
iOS 15 is available for download today for iPhone 6s and newer.