SINGAPORE – Those toting Apple devices are advised to update them after a vulnerability was found in the tech giant’s Shortcuts app.
The Cyber Security Agency of Singapore (CSA) said in an alert on Feb 29 that the vulnerability could allow third parties to access sensitive information on Apple devices without users’ consent.
It affects devices that run macOS Sonoma versions earlier than 14.3, iOS versions before 17.3, and iPadOS versions before 17.3.
The Shortcuts app allows users to automate various actions, which can be triggered with a tap, or through certain events, such as the time of the day or the arrival at a specific location.
It comes pre-installed on iPhones, iPads, Mac devices and Apple Watches, with users able to share the shortcuts they make with others.
The cyber-security researcher who discovered the vulnerability said in a blog post on cyber-security firm Bitdefender’s website that the sharing mechanism “expands the potential reach of the vulnerability”, with malicious individuals able to create shortcuts that bypass Apple’s security framework.
In doing so, they could access a user’s photos, contacts, files and clipboard data within the Shortcuts app, which would then be forwarded to a server.
Get a round-up of the top stories to start your day
Thank you!
Sign up
By signing up, I accept SPH Media's Terms & Conditions and Privacy Policy as amended from time to time.
Yes, I would also like to receive SPH Media Group's SPH Media Limited, its related corporations and affiliates as well as their agents and authorised service providers.
marketing and promotions.
Advising users to update their devices to the latest versions immediately, CSA added that they should also enable automatic software updates.
This can be done by going to Settings > General > Software Updates > Enable Automatic Updates.
Our data problems are getting harder to ignore
Do not be afraid of the iPhone’s NameDrop feature, say experts
Unlock unlimited access to ST exclusive content, insights and analyses
ST One Digital - Annual
$9.90 $4.95 /month
Get offer
$59.40 for the first year and $118.80 per year thereafter.
ST One Digital - Monthly
29.90 $9.90 /month
Subscribe today
No lock-in contract
Unlock more knowledge, unlock more benefits
New feature: Stay up to date on important topics and follow your favourite writers with myST All subscriber-only content on ST app and straitstimes.com Easy access any time via ST app on one mobile device
Join ST's WhatsApp Channel and get the latest news and must-reads.
Apple iPhones iPad Mobile apps Cyber security
Facebook Telegram More Whatsapp Linkedin Twitter FB Messenger Email Print Purchase Article Copy permalink https://str.sg/Fjt8
Read this subscriber-only article for free!
Just sign up for a free account and log in to continue reading.
Apple users urged to update devices after app vulnerability found to give attackers access to data
Sign up
Already have an account? Log in.
All done! This article is now fully available for you
Apple users urged to update devices after app vulnerability found to give attackers access to data
Read now
Please verify your e-mail to read this subscriber-only article in full
Apple users urged to update devices after app vulnerability found to give attackers access to data
Resend verification e-mail
The gift link for this subscriber-only article has expired.
Get unlimited access to all stories at $0.99/month for the first 3 months.
Subscribe now
You have reached your limit of subscriber-only articles this month.
Get unlimited access to all stories at $0.99/month for the first 3 months.
Subscribe now
Read and win!
Read 3 articles and stand to win rewards
Let's go! Terms & conditions apply
Frequently asked questions
Good job, you've read 3 articles today!
Spin the wheel now
Let's go! Terms & conditions apply
Frequently asked questions