iOS HomeKit bug exposed smart locks to unauthorized access

From Engadget - December 7, 2017

While 9to5Mac did not share the details of the vulnerability, it also reportedly opened up smart lights, thermostats and plugs to unauthorized control. This issue follows a High Sierra bug discovered last month that allowed users to gain admin access without a password.

Because the server-side fix has already been implemented, users do not need to take any additional steps to secure their smart products. Just be sure to install the iOS update when it's released in order to regain the reduced functionality.


Continue reading at Engadget »