Apple squashes iOS 13’s third-party keyboard bug

Ionut Arghire for SecurityWeek:

Apple on Friday released security updates for iOS 13 and iPadOS to address a vulnerability that allowed third-party keyboard extensions to gain “full access” without being granted permission.

The bug, Apple revealed earlier this week, only impacts devices where third-party keyboards request full access permissions, but does not affect Apple keyboards or third-party keyboards that don’t make use of full access.

On Friday, Apple announced the release of iOS 13.1.1 and iPadOS 13.1.1, which address the issue by applying the correct sandbox restrictions to third-party app extensions.

MacDailyNews Take: Kudos to Apple for fixing this so quickly!

1 Comment

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.