iPhone "Cookie Theft" Bug Patched

On Tuesday, Apple released iOS 9.2.1 and with it, a fix for a three-year-old cookie flaw.

According to security firm Skycure, which first reported the flaw in June 2013, the bug "involves the way iOS handles Cookie Stores when dealing with Captive Portals." Skycure explained, "When iOS users connect to a captive-enabled network (commonly used in most of the free and paid WiFi networks at hotels, airports, cafes, etc.), a window is shown automatically on users’ screens, allowing them to use an embedded browser to log in to the network via an HTTP interface." In order for hackers to exploit this issue, attackers need only to create a public WiFi network and wait for victims to fall into the trap. Once connected to this malicious network, attackers can redirect the Apple Captive request triggering the embedded browser and loading Attacker-controlled content.

"This is the longest it has taken Apple to fix a security issue reported by us," said Skycure. "It is important to note that the fix was more complicated than one would imagine." The bug affected iPhone 4s, iPod touch (5th generation), and iPad 2 slabs and higher, according to Apple’s own iOS 9.2.1 security update. "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available," said Apple. There are no reports of this vulnerability in the wild, despite its age. Users are urged to download and install iOS 9.2.1 as it fixes the bug.

Photo: © iStock.