Tech

Apple issues fix for HomeKit vulnerability impacting smart locks and other devices

Apple issues fix for HomeKit vulnerability impacting smart locks and other devices

The vulnerability affects iPhones and iPads running iOS 11.2, the latest version of Apple's mobile operating system, and users who have connected the HomeKit application to their iCloud account. It's an iOS 11.2 bug that Apple has already fixed via a server patch, and an update to iOS 11.2 will come next week that fixes the other end of the bug on iOS devices (via 9To5Mac). While some of the issues related to the remote access flaw were addressed in iOS 11.2 and watchOS 4.2, enough of the issue remained to allow an attacker to gain remote access to connected smart home devices and appliances through HomeKit.

The vulnerability, which we won't describe in detail and was hard to reproduce, allowed unauthorized control of HomeKit-connected accessories including smart lights, thermostats, and plugs.

The implications of the vulnerability are extremely worrying, with the obvious concern being the ability for attackers to remotely open a smart lock or garage door and gain access to someone's house without a physical key.

More news: Goodyear Tire & Rubr Co (GT) Holding Held by Moon Capital Management Lp

Apple customers don't need to take any action right now.

The iPhone maker said in a statement, "The issue affecting HomeKit users running iOS 11.2 has been fixed".

Apple has another security issue to deal with. Apple says that the reduced functionality will be restored with an iOS 11.2 update next week. Earlier versions of iOS aren't affected. Apple was informed of the HomeKit vulnerability (dating back to October) and fixed it server-side temporarily, with a full fix coming in an iOS update next week. The severity of this vulnerability also imposes a responsibility on 9to5Mac as a publication to share what we know with our audience if we're going to continue covering HomeKit and smart home products.


  • BT Investment Management Ltd Acquires Shares of 43308 Celgene Corporation (NASDAQ:CELG)

    Birmingham Capital Mngmt Incorporated Al invested in 2.1% or 116,087 shares. 123 funds opened positions while 686 raised stakes. Quantitative Investment Management Llc bought 429,700 shares as the company's stock declined 3.49% while stock markets rallied.
    First Solar, Inc. (FSLR)

    First Solar, Inc. (FSLR)

    The stock's 50-day average volume has been 2,478,154 shares, with an average of 75% of medium term indicators pointing toward Buy. It has underperformed by 42.02% the S&P500.The move comes after 7 months positive chart setup for the $953.57 million company.

    Chesapeake Asset Management LLC Sells 4000 Shares of Pfizer Inc. (PFE)

    Following the transaction, the executive vice president now directly owns 117,432 shares in the company, valued at $4,186,450.80. It worsened, as 30 investors sold UVV shares while 59 reduced holdings. 28 funds opened positions while 43 raised stakes.
  • Crown Castle International Corp (CCI) and Invesco Plc (IVZ)

    Grisanti Capital Management LLC raised its holdings in shares of Crown Castle International by 10.2% during the 3rd quarter. Sumitomo Mitsui Trust Holdings Inc increased Crown Castle Intl Corp ( CCI ) stake by 1.92% reported in 2017Q2 SEC filing.

    Hess Corporation (NYSE:HES) Position Increased by Nationwide Fund Advisors

    As per Tuesday, August 18, the company rating was upgraded by Argus Research. (NYSE:T) on Tuesday, November 8 to "Perform" rating. Scotiabank set a $52.00 price objective on Hess and gave the company a "buy" rating in a research note on Friday, August 11th.

    Gareth Morgan Investments Limited Partnership Decreases Position in Exxon Mobil Corporation (XOM)

    The company has a market cap of $351,213.72, a price-to-earnings ratio of 23.28, a PEG ratio of 1.73 and a beta of 0.83. Smith Asset Management Group Lp increased Exxon Mobil Corp ( XOM ) stake by 9.48% reported in 2017Q2 SEC filing.
  • Terrifying footage shows California drivers commuting mid-wildfire

    Terrifying footage shows California drivers commuting mid-wildfire

    California Governor Jerry Brown declared a state of emergency on Tuesday, freeing state funds and resources to assist. Violent Santa Ana winds continued to hamper efforts as gusts hit up to 80 miles per hour at their peak.
    Polish finance minister to replace PM Beata Szydlo

    Polish finance minister to replace PM Beata Szydlo

    Before his nomination, he had also been serving as deputy prime minister. Further changes to the government are due in January, the PAP said.

    Integral Derivatives LLC Upped Stake in Hal (Put) (HAL) by $21.57 Million

    The oilfield services company reported $0.42 earnings per share for the quarter, topping the consensus estimate of $0.38 by $0.04. It has outperformed by 236.13% the S&P500.The move comes after 8 months negative chart setup for the $635.73 million company.
  • Irrfan Khan honoured at Dubai Film Fest

    Irrfan Khan honoured at Dubai Film Fest

    The Dubai International Film Festival ( DIFF ) started with a heavy dose of glitz and glamour at the Madinat Jumeirah . The festival was honoured by the presence of His Highness Sheikh Mansoor bin Mohammed bin Rashid Al Maktoum.
    Notable Stock Analysts Ratings Enbridge Energy Partners, LP (EEP)

    Notable Stock Analysts Ratings Enbridge Energy Partners, LP (EEP)

    The pipeline company reported $0.24 earnings per share for the quarter, meeting the Thomson Reuters' consensus estimate of $0.24. According to the most recent data, Enbridge Energy Partners, L.P. has a 52-week high of $26.17 and a 52-week low of $12.25.
    The Game Awards 2017 Will Reveal Two

    The Game Awards 2017 Will Reveal Two "Brand-New Game Worlds"

    The Game Awards will be streamed from the Microsoft Theater in Los Angeles, California at 5:30pm PT / 8:30pm ET. Alternative rock band Phoenix will also be on hand for a live performance.