Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Apple May Start Delivering Security Patches Separately From Other OS Updates

March 17, 2021

Apple could also be altering the best way it delivers safety patches to its units operating iOS and iPadOS cellular working programs.

In keeping with code noticed in iOS 14.5, the iPhone maker is reportedly engaged on a way for delivering safety fixes independently of different OS updates.

The adjustments had been first reported by the 9to5Mac web site.

Whereas Google’s Android has had month-to-month safety patches rolled out which might be fully divorced from the OS-related updates, iOS has historically bundled safety updates together with an improve to the most recent model of the OS.

As an example, Apple rolled out iOS 14.4.1 earlier this month simply to deal with one safety vulnerability in WebKit that might have allowed adversaries to run arbitrary code on units by way of malicious internet content material.

However with this new setting known as “Set up Safety Updates” added to the software program replace menu, it is anticipated that Apple will let customers select between both putting in the complete iOS replace or simply the safety updates, in a way that echoes macOS.

On Macs operating older variations of the working system equivalent to macOS Mojave, Apple has provided standalone replace packs, permitting customers to get safety patches and bug fixes whereas holding off earlier than putting in the most recent macOS model accessible.

Provided that iOS 14.5 continues to be in beta, it is nonetheless unclear how this characteristic shall be applied, however primarily based on code references, it seems that customers who’ve beforehand downloaded the safety replace could also be prompted to delete it earlier than putting in one other iOS replace.

By separating safety updates from feature-centric updates, the event might additionally pave the best way for issuing out-of-band emergency fixes for units not operating the most recent variations of iOS and iPadOS.

iOS 14.5 is already shaping as much as be fairly a giant privateness and security-focused replace, what with the corporate planning to redirect all fraudulent web site checks by way of its personal proxy servers as a workaround to protect consumer privateness and forestall leaking IP addresses to Google.

As well as, iOS 14.5 will even require apps to ask for customers’ permission earlier than monitoring them throughout different apps and web sites utilizing the system’s promoting identifier as a part of a brand new framework dubbed App Tracking Transparency.

iOS 14.5 is presently in beta and is anticipated to be launched later this spring.

Posted in SecurityTags:
Write a comment