Last week, Apple’s HomeKit for shared users was temporarily shut down as a result of a nasty vulnerability which permits unauthorized access in some situations. Now, Apple has released iOS 11.2.1 and tvOS 11.2.1 software update for iPhone and iPad to address this problem. These updates are currently rolling out but devices on beta versions may have to exit the beta profiles then reboot the device to see the updates.
Gizchina News of the week
This vulnerability granted unauthorized access to smart home devices and Apple has swiftly moved into action to resolve this issue. It’s a security issue so the company needed to be as fast as possible so that HomeKit users won’t have to take any action. In the process of this fix from the server side, Apple had to momentarily shut down remote access for shared users in HomeKit. However, iPhone and iPad users can now update to the latest iOS version to bring back that functionality.
These are the official release notes
iOS 11.2.1 fixes bugs including an issue that could disable remote access to shared users of the Home app.
The security description is as follows
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: A remote attacker may be able to unexpectedly alter application state
Description: A message handling issue was addressed with improved input validation.
CVE-2017-13903: Tian Zhang