Connect with us

Hi, what are you looking for?


Mobile & Wireless

Apple Rolls-Out USB Restricted Mode in iOS

Apple on Monday released patches for various security vulnerabilities in iOS, macOS, tvOS, watchOS, and Safari, as well as for iCloud and iTunes for Windows.

Apple on Monday released patches for various security vulnerabilities in iOS, macOS, tvOS, watchOS, and Safari, as well as for iCloud and iTunes for Windows.

In addition to fixes for 22 issues, the iOS 11.4.1 software update also introduces the long expected USB Restricted Mode, a feature that should boost the security of its platform and improve privacy.

“Starting with iOS 11.4.1, if you use USB accessories with your iPhone, iPad, or iPod touch, or if you connect your device to a Mac or PC, you might need to unlock your device for it to recognize and use the accessory. Your accessory then remains connected, even if your device is subsequently locked,” Apple says.

The new feature should prevent the use of USB devices that connect over the Lightning port to crack the device’s passcode and access user data, should the connection attempt occur one hour after the device was locked.

The new feature can be found in Settings > Face ID (or Touch ID) & Passcode > USB Accessories. Users should leave the toggle disabled to take advantage of USB Restricted Mode.

With the roll-out of this new capability on iOS, it would be more difficult for forensics analysis to access data on a suspect’s devices, as they would only have a one-hour window at their disposal to attempt to crack the available protections.

Once it has kicked in, USB Restricted Mode persists through reboots and even if the device software has been restored via Recovery mode, ElcomSoft’s Oleg Afonin explains.

Advertisement. Scroll to continue reading.

However, it is possible to reset the USB Restrictive Mode countdown timer if an untrusted USB accessory is connected to the device within the first hour.

The 22 vulnerabilities addressed with the release of iOS 11.4.1 impact CFNetwork, Emoji, Kernel, libxpc, LinkPresentation, WebKit, WebKit Page Loading, and Wi-Fi. WebKit was impacted the most, with 14 vulnerabilities addressed in it.

The addressed issues include unexpected persistence of cookies in Safari, denial of service, elevation of privileges, access to restricted memory, address bar spoofing, arbitrary code execution, unexpected Safari crashes, exfiltration of audio data cross-origin, and sandbox escape.

The new iOS release is available for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.

Apple also patched 11 security flaws with the release of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan. The bugs impact AMD, APFS, ATS, CFNetwork, CoreCrypto, DesktopServices, IOGraphics, Kernel, libxpc, and LinkPresentation.

The most important of the issues is CVE-2018-3665, a vulnerability that impacts Intel processors. Dubbed LazyFP and detailed last month, the bug is similar to Meltdown Variant 3a and could be exploited to access floating point unit (FPU) state data, which can contain sensitive information, such as cryptographic keys.

“Systems using Intel Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore from another process through a speculative execution side channel,” Apple notes.

The newly released watchOS 4.3.2 resolves a total of 14 vulnerabilities, while tvOS 11.4.1 addresses 18. Apple resolved 16 flaws with the release of Safari 11.1.2, and patched 14 bugs in both iCloud for Windows 7.6 and iTunes 12.8 for Windows.

Related: Apple Boosts Security in iOS 12, macOS Mojave

Related: Apple Patches KRACK Flaws in Boot Camp

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.