Comment by daft_pink

1 year ago

You have to wonder if the only reason the iPhone 16 isn’t included in this article is because the article was written before the iPhone 16 existed.

The iPhone 16 shipped with iOS 18. The vulnerability in question (CVE-2023-38606) was patched with iOS 16.6 released in July 2023, months before Kaspersky's write-up that prompted this blog post. There, now you don't have to wonder any more.

It's because Apple fixed the issue on all affected devices with OS updates released in July 2023.

  • Has anyone disassembled that update to figure out how they patched this?

    If it is some device sitting on the memory bus, how did they disable it in a way it couldn't be reenabled by the OS kernel? Most hardware that sits on a CPU bus doesn't have such an ability.