Apple has fixed seven security vulnerabilities with the release of iOS 10, none of which involve arbitrary code execution. The new release is a major overhaul for iOS and the biggest security change is that Apple now performs software updates over HTTPS.
The most interesting vulnerability patched in iOS 10 is one that an attacker could use to prevent a victim from being able to update her phone. That could offer the attacker the chance to then target the victim with attacks on known vulnerabilities in older versions of the software.
“An attacker in a privileged network position may be able to block a device from receiving software updates,” Apple said in its security advisory for iOS 10.
“An issue existed in iOS updates, which did not properly secure user communications. This issue was addressed by using HTTPS for software updates.”
Previous versions of iOS used plaintext connections to deliver software updates, a practice that can allow an attacker to intercept the traffic. The change has been a long time coming for Apple. In addition to fixing that vulnerability, iOS 10 also carries patches for six other flaws, one of which would allow an attacker to intercept credentials for mail.
“An attacker with a privileged network position may be able to intercept mail credentials. An issue existed when handling untrusted certificates. This was addressed by terminating untrusted connections,” the Apple advisory says.
Another vulnerability patched in this release involved the way that the keyboard caches certain information. In some cases, it would store sensitive data and then the autocorrect feature could reveal that information later. The remaining vulnerabilities are less serious, including one that can allow a malicious app to figure out who a user is texting.