iphone-14-screen

Apple’s Shortcuts could be a shortcut to a privacy nightmare

One advantage to Apple’s walled garden approach is that it keeps everything tightly controlled. This means that they have greater control over apps and what kind of data these apps can access. This can cut down on potential abuse. But there is no such thing as a perfect system. According to a recent security report, Apple’s Shortcuts feature has a privacy issue.

The folks over at Bitdefender have recently discovered a vulnerability in Apple’s Shortcuts. Shortcuts is a feature that is bundled with iOS and macOS. It is a native Apple feature that allows users to create automated tasks, such as automatically setting your phone to low power mode when it hits a certain percentage.

From what they found, this vulnerability would allow Shortcuts to bypass Apple’s TCC. This is a security framework in iOS and macOS that controls access to sensitive user data from apps. This vulnerability essentially allows a Shortcut to bypass that request and collect sensitive data from an iPhone or Mac computer, which is then exploited at a later date.

This is particularly problematic because of the fact that Shortcuts can be created by users and then shared with the public. This allows users who might not be as tech savvy to enjoy certain automated workflows that were created by others. But this also means that users might end up installing a Shortcuts with the vulnerability and expose their devices.

Thankfully, Bitdefender says that Apple has since patched the issue in iOS 17.3, iPadOS 17.3, and macOS Sonoma 14.3. If you haven’t updated your software yet, you probably should, especially if you Apple’s Shortcuts and want to avoid privacy issues.

Exit mobile version