iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Apple patched two significant security vulnerabilities that could have exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, according to a recent support document update.

Apple provides a list of security vulnerabilities patched in most updates. Once an investigation of a specific security vulnerability is completed, Apple updates the security fixes with new entries.

Apple credits developer Steve Troughton-Smith with assisting it in finding and patching a vulnerability in iPadOS 15 after it was released in September.

An access issue was addressed with additional sandbox restrictions on third-party applications.
>
Entry added January 19, 2022.

There is no indication that this particular exploit was used in the wild.

In addition, watchOS 8.0 patched a security exploit that could allow a third-party app to circumvent Privacy preferences. Apple doesn't give any more information about the exploit and doesn't indicate that it was used.

Apple has updated its security content pages for its various operating systems, with newly disclosed security vulnerabilities for each of them.

In the last four years, iPadOS 15 adoption has been lower than that of the other operating systems, with Apple saying that iOS 15 is installed on more than 70% of all phones. More than 80% of all iPhones were installed on iOS 14 in the last four years, which is lower than the adoption of the newer version of the operating system. By January of 2020, iOS 13 had been installed on 75% of the phones.

Users are strongly encouraged to update to the latest versions of both iPadOS and iOS after the security exploits were disclosed. The most recent public version of iPadOS is 15.2.1 and the most recent version of Apple's mobile operating system is iOS 15.3.

In June, Apple said that it would give users a choice if they wanted to update to the newest version of the operating system or continue to receive security updates. The latter is no longer an option as Apple is pushing users to update to the newer version of its software as users still running on the older version of its software will no longer receive security updates.

The option to remain on the operating system was always meant to be a short-term one.