Apple has rolled out a server-side fix to a vulnerability in its HomeKit platform that was first reported by 9to5mac.com last week.
The site reported that the HomeKit vulnerability in the current version of iOS 11.2 “allows unauthorized control of accessories including smart locks and garage door openers.”
Apple recently released iOS 11.2 which rolled out Apple Pay Cash and a date bug fix.
(Read: iOS 11.2 Rolled Out)
Mashable said the HomeKit bug was “dangerous.”
The site pointed out that if an iPhone or iPad running on iOS 11.2 is linked to a HomeKit user’s iCloud account, that account is vulnerable to hacking.
A hacker may tamper with a user’s smart lights, thermostats, and plugs or open the garage or front door that has a HomeKit-enabled smart lock.
According to 9to5mac.com, the vulnerability – which the site did not discuss in detail – was “difficult to reproduce.”
The site also said the problem is not with the smart home products but with the HomeKit platform that links products made by different companies.
A spokesperson for Apple, however, told 9to5mac.com that the issue involving HomeKit users running iOS 11.2 “has been fixed.”
The fix, the Apple representative added, disables remote access to shared users for now and that such access will be restored in a software update this week.
9to5mac.com said Apple was informed about the HomeKit vulnerability in iOS 11.2 in October and that the fix was developed “sooner than expected.”
The site said that while entrusting one’s safety and security with HomeKit and other smart lock products is a personal decision, a home or apartment unit occupant can still use a lock and key or install security cameras for added peace of mind.
Apple has released a fix to the HomeKit vulnerability that allows unauthorized control of smart products – even garage or front doors with smart locks.
What can you say about it? Share your thoughts by commenting below.