An Apple Maps privacy bug fixed in iOS 16.3 may have allowed apps to collect user location data without permission.
At least one app appears to have done so, and a security reporter has speculated that the same privacy bug could have been exploited by countless apps over an unknown time period …
iOS 16.3
iOS 16.3 became publicly available last week, after a month in beta. The headline feature was support for physical security keys as part of the two factor authentication sign in process on new devices.
Other features highlighted in the release notes were:
- New Unity wallpaper honors Black history and culture in celebration of Black History Month
- Support for HomePod (2nd generation)
- Emergency SOS calls now require holding the side button with the up or down volume button and then releasing in order to prevent inadvertent emergency calls
As well as mention of several bug fixes. Check out our video run-through of all the new features.
Apple Maps privacy bug
Apple’s iOS release notes don’t list every bug fix; instead, the security-related ones are mostly covered in a separate document. Apple lists 12 different security patches, including one for an Apple Maps privacy bug:
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Descriptio
