iOS 17.5 Includes These 15 Security Fixes, But One Causes Another Bug

[MacRumors]

iOS 17.5 and iPadOS 17.5 include 15 security patches for the iPhone and iPad, according to a recently-published Apple support document, but unfortunately one of the patches has led to a software bug affecting alternative app marketplaces.

According to Mysk, a security patch related to the MarketplaceKit framework has resulted in a bug that prevents iPhone users in the EU from reinstalling an alternative app marketplace like AltStore if they happen to delete the app after initially installing it. Apple will likely fix this issue in a subsequent update, such as iOS 17.5.1.

In related news, one security researcher has complained that the iOS kernel vulnerability they discovered was not eligible for payment under the Apple Security Bounty program. It is listed in the iOS 17.5 security fixes below under "AppleAVD."

Apple's full list of security patches included in iOS 17.5 and iPadOS 17.5:

AppleAVD

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2024-27804: Meysam Firouzi (@R00tkitSMM)

AppleMobileFileIntegrity

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to access user data

Description: A logic issue was addressed with improved checks.

CVE-2024-27816: Mickey Jin (@patch1t)

AVEVideoEncoder

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2024-27841: an anonymous researcher

Find My

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: A malicious application may be able to determine a user's current location

Description: A privacy issue was addressed by moving sensitive data to a more secure location.

CVE-2024-27839: Alexander Heinrich, SEEMOO, TU Darmstadt (@Sn0wFreeze), and Shai Mishali (@freak4pc)

Kernel

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to cause unexpected app termination or arbitrary code execution

Description: The issue was addressed with improved memory handling.

CVE-2024-27818: pattern-f (@pattern_F_) of Ant Security Light-Year Lab

Libsystem

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access protected user data

Description: A permissions issue was addressed by removing vulnerable code and adding additional checks.

CVE-2023-42893: an anonymous researcher

Maps

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to read sensitive location information

Description: A path handling issue was addressed with improved validation.

CVE-2024-27810: LFY@secsys of Fudan University

MarketplaceKit

Available for: iPhone XS and later

Impact: A maliciously crafted webpage may be able to distribute a script that tracks users on other webpages

Description: A privacy issue was addressed with improved client ID handling for alternative app marketplaces.

CVE-2024-27852: Talal Haj Bakry and Tommy Mysk of Mysk Inc. (@mysk_co)

Notes

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker with physical access to an iOS device may be able to access notes from the lock screen

Description: This issue was addressed through improved state management.

CVE-2024-27835: Andr.Ess

RemoteViewServices

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker may be able to access user data

Description: A logic issue was addressed with improved checks.

CVE-2024-27816: Mickey Jin (@patch1t)

Screenshots

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: An attacker with physical access may be able to share items from the lock screen

Description: A permissions issue was addressed with improved validation.

CVE-2024-27803: an anonymous researcher

Shortcuts

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: A shortcut may output sensitive user data without consent

Description: A path handling issue was addressed with improved validation.

CVE-2024-27821: Kirin (@Pwnrin), zbleet, and Csaba Fitzl (@theevilbit) of Kandji... Click here to read rest of article

Article Link: iOS 17.5 Includes These 15 Security Fixes, But One Causes Another Bug

 

[truthsteve]

has resulted in a bug that prevents iPhone users in the EU from reinstalling an alternative app marketplace like AltStore if they happen to delete the app after initially installing it.

some call it a bug, one might call it a feature. a great one, one might say.

 

[aloysiusfreeman]

ngl, I'm chuckling at the notion that it's intentional.

 

[Havalo]

Those boys at NSO and other three acronym agencies aren’t going to be too happy that Apple has patched them… 😂

Cat and mouse game continues…

 

[Edsel]

Reading about these 21st century security updates always has me yearning for 19th century parchment paper, quill pens and daguerreotype camera.

 

[hagar]

I have installed my first AltStore (SetApp Mobile - in beta). Works great. Very intuitive, no dramatic warnings by Apple, everything works as expected.

The only thing is that you get a warning when trying to install the store. You first need to approve this manually in Settings. For each developer.

Otherwise there’s no difference with App Store apps. Curious how smooth app updates will work.

 

[jdavid_rp]

some call it a bug, one might call it a feature. a great one, one might say.

Who would be positive about a bug that worsens the user experience in an optional system feature?

 

[TJFDenver]

Those boys at NSO and other three acronym agencies aren’t going to be too happy that Apple has patched them… 😂

Cat and mouse game continues…

NSO/pegasus doesn’t happen without NGO type extensions at the highest levels at iApple/iGoogle … plausible deniability at both ends

 

[cdsapplefan]

That sucks how Apple didn’t pay for that security researchers findings. It’s like Apple used him.

 

[Tony_YYZ]

Who would be positive about a bug that worsens the user experience in an optional system feature?

Some folks on here really don’t want others to have the ability to install whatever they want on their own phones. Like it personally offends them and affects their lives somehow.

 

[maxoakland]

some call it a bug, one might call it a feature. a great one, one might say.

I’m sure Apple considers it a feature

Definitely not suspicious

 

[cyanite]

NSO/pegasus doesn’t happen without NGO type extensions at the highest levels at iApple/iGoogle … plausible deniability at both ends

There is absolutely no evidence of that. There are plenty of regular exploits popping up now and then.

 

[bradman83]

Apple after accidentally causing glitches in alternate app marketplaces

 

[truthsteve]

Who would be positive about a bug that worsens the user experience in an optional system feature?

a bug that enhances user security? many people would.

 

[Ilde]

Could be interesting to know how long have been these exploits (or whatever) running in the wild before patching "all at once"?

 

[MacBH928]

software developers tell me apps will always have bugs, so we might as well just drop following "bugs news" unless its critical

 

[Crowbot]

software developers tell me apps will always have bugs, so we might as well just drop following "bugs news" unless its critical

Well there is a value to knowing "it's not just me". Tell me when they are discovered and then tell me when they are patched. Nothing more.

 

[chris1958]

Apple will have a hard time to maintain a separate EU-version of iOS and iPadOS. Would be much easier for them to allow alternative app-stores worldwide.

 

[3530025]

Apple will have a hard time to maintain a separate EU-version of iOS and iPadOS. Would be much easier for them to allow alternative app-stores worldwide.

Apple already maintains various geo-blocked features across the world.

For instance China version of iOS allows you to disable both Wi-Fi and cellular data per app. Which is great from the privacy point of view (because you can be sure app which can work offline can't call home and spy on you). Quite ironical to see this feature exclusive for China, right?

 

[Kottu]

Don't know what to say when a software update is mostly about new wallpaper. In fact old Apple Logo was rainbow shaded. Apple don't have the courage to make bold statements like in the past. Even for an ad, they had to apologise.

 

[ApplesAreSweet&Sour]

Apple will have a hard time to maintain a separate EU-version of iOS and iPadOS. Would be much easier for them to allow alternative app-stores worldwide.

Easier on a technical level, maybe. But definitely less profitable to (also) let iOS users in the U.S. or even Worldwide get the same kind of freedoms.

Considering how diligent and masterful Apple is at putting a (tall) price on every software and hardware feature/spec, increasingly finding stuff to position as a premium add-on, I can't see them just throwing the towel in the ring and proactively giving up on massive profits.

Only the DOJ can get the U.S. where EU iOS users are now.

And since U.S. law and general mindset seems to be quite pro-business by comparison to the EU, I doubt the DOJ will succeed at regulating Apple and its peers as successfully as the EU has done.

Also, Apple still gets its CTF in the EU. So it's in no way as one-sided as many of Apple's biggest proponents in here like to paint it.

 

[Japan Ricardo]

View attachment 2378036 Don't know what to say when a software update is mostly about new wallpaper. In fact old Apple Logo was rainbow shaded. Apple don't have the courage to make bold statements like in the past. Even for an ad, they had to apologise.

At least it didn't mention new emojis.....

I remember a Steve Jobs presentation about values and marketing, where he said companies should focus on how they impact lives rather than features of their products (which is the third point above). This is still at the heart of what Apple, and other great companies, do. If you have affinity with the Pride movement, this would make you feel very warm.

The best marketing - even in a notice about a software update - will help customers understand how the brand will help them achieve what they want or understand more deeply how the company connects with them.

When I moved from Windows to my iMac, the main pull was the Apple brand and how it could help me work smarter. They got me at that point. Then I checked things like features and prices, but they'd already got me...

 

[Shirasaki]

Those boys at NSO and other three acronym agencies aren’t going to be too happy that Apple has patched them… 😂

Cat and mouse game continues…

Nah, those agencies most likely have better exploits they can use to hack into iOS without us knowing.

Why being so triggered by the alt app stores. It's over, alternative app stores are there. Let's get over it.

Some folks will never get over it. A couple forum user names come in my mind.

Some folks on here really don’t want others to have the ability to install whatever they want on their own phones. Like it personally offends them and affects their lives somehow.

Ever since EU demands alternative App Store and Apple starts to implement it in EU, some people feel so triggered (out of jealousy?) that they are adamant that iOS is falling because of alternative App Store, despite Google Play Store still the largest App Store in android world with the ability to install whatever you want. To me their obsession against alternative App Store and ability to install whatever we the USER want is appalling, and their “security and privacy nightmare” claim is just regurgitating talking points from Apple.

For instance China version of iOS allows you to disable both Wi-Fi and cellular data per app. Which is great from the privacy point of view (because you can be sure app which can work offline can't call home and spy on you). Quite ironical to see this feature exclusive for China, right?

Yeah quite ironic for that to happen in a country that has zero interest in protecting user privacy. With that being said tho, those geo-locked features are on the iOS level tied to device distribution location. Dunno about alternative App Store. Does Apple tie the feature availability similarly by only allowing iPhone and iPad purchased in EU to have the feature? It very well could be.

 

[Shirasaki]

View attachment 2378036 Don't know what to say when a software update is mostly about new wallpaper. In fact old Apple Logo was rainbow shaded. Apple don't have the courage to make bold statements like in the past. Even for an ad, they had to apologise.

I almost laughed to death when I saw iOS updates include 1.05GB of “wallpaper” (I know that’s not the case but just let me have some fun).

 

[Japan Ricardo]

My battery life’s very good today.

I updated yesterday. Usually I’d be around 80% battery by lunchtime with normal use. Today I’m at 95% and, if anything, I’ve used it a bit more. (No photos, though.)