A new iPhone update patches a flaw that could allow an attacker to turn off a nearly seven-year-old USB security feature. Apple’s release notes for iOS 18.3.1 and iPadOS 18.3.1 say the bug, which allowed the deactivation of USB Restricted Mode, “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
The release notes describe the now-patched security flaw as allowing “a physical attack,” which suggests the attacker needed the device in hand to exploit it. So, unless your device was hijacked by “extremely sophisticated” attackers, there was nothing to panic about even before Monday’s update.
USB Restricted Mode, introduced in iOS 11.4.1, prevents USB accessories from accessing your device’s data if it hasn’t been unlocked for an hour. The idea is to protect your iPhone or iPad from law enforcement devices like Cellebrite…
