A critical Shortcuts vulnerability was fixed in iOS 17.3

CAT February 22, 2024 1 min read

According to research performed by Bitdefender, prior to the iOS 17.3 update, a malicious Shortcut could capture sensitive data like photos and send it to an attacker.

The Apple Shortcuts app icon is designed to look like an 'S' with pink and blue gradients on a dark blue background. The icon sits on top of binary code blurred in the background.

Apple’s Shortcuts app

Shortcuts are built into iOS, iPadOS, and macOS to provide users with hooks for building automations. These Shortcuts can be shared between users via a link, which can lead to widespread sharing of a malicious Shortcut.

According to research performed by Bitdefender viewed by AppleInsider, an unsuspecting Shortcuts user could obtain a Shortcut that attacks a vulnerability in the Transparency, Consent, and Control (TCC) system meant to protect users from data theft. Typically, TCC prompts appear when an app or Shortcut attempts to access sensitive information or system resources, but the vulnerability bypassed this check.

Continue Reading on AppleInsider | Discuss on our Forums

Go Here to Read this Fast! A critical Shortcuts vulnerability was fixed in iOS 17.3

Originally appeared here:
A critical Shortcuts vulnerability was fixed in iOS 17.3

Tags: tech technews technology

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Stories

Ready to ditch Google Drive? Here are the 5 best alternatives to check out

Phishing your own people in cybersecurity training? How to protect the brands you use as bait

How to import your old passwords into the new Apple Passwords

You may have missed

Ready to ditch Google Drive? Here are the 5 best alternatives to check out

Phishing your own people in cybersecurity training? How to protect the brands you use as bait

Block Inc. shifts focus to Bitcoin mining amid plans to sunset Web5-focused TBD

South Korea’s Upbit will launch Solana-based DRIFT trading pairs