Close Menu
News JournosNews Journos
  • World
  • U.S. News
  • Business
  • Politics
  • Europe News
  • Finance
  • Turkey Reports
  • Money Watch
  • Health
Editors Picks

Trump Addresses Speculation About Potential Third Presidential Run

May 4, 2025

Elon Musk Deletes Posts on X Platform

June 7, 2025

Trump Threatens Jail for Tesla Vandals and Their Financial Backers

March 21, 2025

Bruce Springsteen Addresses Trump Feud During Autograph Signing

May 18, 2025

Elon Musk Advocates for Work Documentation from Federal Employees

February 22, 2025
Facebook X (Twitter) Instagram
Latest Headlines:
  • Convicted Killer Denies Ex-Lover’s Involvement in Husband’s Murder
  • Millions Lost Annually to Wire Transfer Fraud: Are Banks Doing Enough to Combat It?
  • North Korean Man Crosses DMZ into South Korean Custody
  • Beauty Executive’s Wife Denies Involvement in His Murder; Jury to Decide Fate
  • Texas Flood Survivors Share Heroic Tales Amid Ongoing Search for Missing Individuals
  • CHP Official Demands End to Government Interference in Municipalities Outside Courthouse
  • Australia Faces Antisemitic Attacks, Including Synagogue Arson on July 4
  • Elon Musk Launches New Political Party
  • This Week’s Highlights on Sunday Morning: July 6 Edition
  • Safety Concerns Intensify Over Weighted Baby Sleep Products After Advisory
  • Elon Musk Launches ‘America Party’ Following Trump’s Bill Signing
  • Tips for Reducing Screen Time on iPhone and Android Using Built-in Tools
  • Parisians Dive into Seine River as Century-Long Ban is Lifted
  • Rep. Mark Green Resigns from Congress
  • Multiple Arrests Made After North Texas Officer Shot Outside ICE Facility
  • Body Discovered During Search for Missing American in Turks and Caicos
  • New Biography Explores Mark Twain’s Life and Legacy
  • Oasis Reunites After 16 Years, Dedicates ‘Live Forever’ to Diogo Jota
  • Amateur Baseball Leverages Smart Base Running to Evade Double Play
  • Germany’s Defense Industry Thrives Amid Rising Global Arms Demand
Facebook X (Twitter) Instagram
News JournosNews Journos
Subscribe
Sunday, July 6
  • World
  • U.S. News
  • Business
  • Politics
  • Europe News
  • Finance
  • Turkey Reports
  • Money Watch
  • Health
News JournosNews Journos
You are here: News Journos » Tech » Apple and Google Address Passwords App Vulnerability Targeting Wi-Fi Security
Apple and Google Address Passwords App Vulnerability Targeting Wi-Fi Security

Apple and Google Address Passwords App Vulnerability Targeting Wi-Fi Security

News EditorBy News EditorMarch 24, 2025 Tech 7 Mins Read

The recent discovery of a significant security vulnerability in Apple’s built-in password manager app, Passwords, has raised doubts about the security of Apple’s products, which the company has long promoted as synonymous with privacy. Security researchers revealed that the flaw allowed potential phishing attacks for nearly three months, from September to December 2024. The issue stemmed from the app’s use of unencrypted HTTP connections, making it susceptible to hackers exploiting public Wi-Fi networks to redirect users to fraudulent sites that could capture sensitive login credentials. Apple has since addressed the vulnerability, emphasizing the need for users to update their devices and take additional security precautions.

Article Subheadings
1) Overview of the Vulnerability
2) Apple’s Response and Fix
3) Safeguarding Digital Identities
4) How to Update iOS Devices
5) Conclusion and Implications for Users

Overview of the Vulnerability

In September 2024, security researchers from Mysk uncovered a severe flaw in Apple’s Passwords app, which was introduced as part of the iOS 18 update. This vulnerability persisted until December 2024, allowing attackers to exploit the app’s use of unencrypted HTTP connections rather than the more secure HTTPS protocol. The risk was particularly acute for users connecting to public Wi-Fi networks, such as in airports or coffee shops, where attackers could intercept unencrypted requests and redirect users to phishing sites. These sites could easily capture users’ login credentials by masquerading as legitimate platforms, thus compromising sensitive information.

For nearly three months, users of the Passwords app were at risk whenever they accessed accounts over public networks. If an individual were to click on a link, such as “Change Password,” without realizing the network security risks, they could fall victim to a malicious actor who had the ability to mislead them to a fraudulent web page, often indistinguishable from the real one. As no enforcement of HTTPS took place, users may not have been aware of the ongoing risks, resulting in a substantial number of potential credential thefts.

Apple’s Response and Fix

After the vulnerability was reported, Apple took prompt action and released an iOS 18.2 update in December 2024, aimed at addressing the issue. The update shifted all network communications within the Passwords app to enforce HTTPS, safeguarding users against potential interception of their login information. As a result of this patch, it has become significantly more challenging for attackers to execute phishing attempts via this app.

Users are now strongly urged to update their devices to the iOS 18.2 version or later to effectively mitigate the risks associated with this vulnerability. In addition, any users who accessed their passwords over public Wi-Fi during the vulnerability period should consider changing their passwords to enhance security against potential breaches. The quick response from Apple, emphasizing strong security protocols, reflects the company’s ongoing commitment to user safety while acknowledging the gravity of the situation.

Safeguarding Digital Identities

This incident underscores the critical need for all users to adopt more proactive security measures to safeguard their digital identities. Given that Apple’s Passwords app was not sufficiently secure, users should organize their security practices with multiple layers of protection. A suggested initial step is to utilize a reliable third-party password manager, as this could offer a more rugged security framework compared to the default options within Apple’s ecosystem.

Enabling two-factor authentication (2FA) is another highly recommended practice. By adding an extra layer of security, even if hackers manage to obtain a password, they would face additional barriers before gaining access to sensitive accounts. Utilizing authentication apps like Google Authenticator or hardware keys can provide enhanced security compared to SMS-based verification codes, which might be susceptible to interception.

Public Wi-Fi networks present additional vulnerabilities, and it is best to avoid accessing sensitive information when connected to these networks. If public access is necessary, using a Virtual Private Network (VPN) can encrypt your internet traffic, diminishing risks from potential attackers on the same network. Moreover, awareness of phishing attempts by verifying login urls or links before entering credentials adds another line of defense against cyber threats.

How to Update iOS Devices

For users uncertain about how to update their iPhones or iPads to the latest iOS version, the steps are straightforward. To initiate the update process, navigate to the Settings app, tap on General, then select Software Update. This section will indicate whether any updates are available for download and installation. Following these steps ensures that devices are equipped with the latest security patches, helping to improve overall security protocols and mitigate risks from existing vulnerabilities.

Regularly monitoring and maintaining devices is essential in the war against cyber threats. Keeping systems updated helps users stay one step ahead of potential vulnerabilities. Implementing frequent checks for suspicious account activities and reports can alert users to unauthorized access and ensure robust monitoring of their digital activities.

Conclusion and Implications for Users

The prolonged exposure to a security flaw within a prominent app like Apple’s Passwords highlights the need for continual vigilance and proactive measures among users. Although the company has patched the vulnerability, the incident raises critical questions about the effectiveness of security measures currently in place for protecting user data. If Apple wants to maintain its reputation as a leader in privacy and security, it must bolster its commitment to rigorous security checks and ensure timely updates to any vulnerabilities that arise.

Users must also take ownership of their security by integrating additional protective measures into their routines, such as regular updates, employing password managers, and practicing caution on public networks. This proactive approach can greatly diminish risks associated with data breaches and enhance the overall safety of personal information in an increasingly digital landscape.

No. Key Points
1 The Passwords app was vulnerable to phishing attacks for nearly three months.
2 Apple released a fix in December 2024, enforcing HTTPS across the app.
3 Users are urged to update to iOS 18.2 or later for enhanced security.
4 Adopting multi-layered security practices is essential for protecting digital identities.
5 Regular device updates and monitoring suspicious activity can further enhance security.

Summary

The security vulnerability in Apple’s Passwords app serves as a reminder of the challenges that even leading technology companies face in ensuring user privacy and security. As Apple works to bolster its measures following the recent incident, users are encouraged to remain vigilant and proactive in safeguarding their own information. Implementing robust security practices, keeping devices updated, and being aware of potential threats are critical steps in navigating an increasingly complex digital landscape. This incident showcases the need for unity between technology companies and users in the effort to create a more secure online environment for all.

Frequently Asked Questions

Question: What security measures did Apple take to fix the vulnerability?

Apple released an update in December 2024 that enforced HTTPS for all network communications within the Passwords app, closing the loophole that allowed phishing attacks.

Question: How can users check if their devices are secure?

Users can confirm if their devices are updated by going to Settings > General > Software Update to see if they have the latest version of iOS.

Question: What can users do to protect their identities online?

Users should adopt multi-layer security practices including using reputable password managers, enabling two-factor authentication, avoiding public Wi-Fi for sensitive activities, and regularly monitoring their accounts for unusual activity.

address app Apple Artificial Intelligence Blockchain Cloud Computing Consumer Electronics Cybersecurity Data Science E-Commerce Fintech Gadgets Google Innovation Internet of Things Mobile Devices Passwords Programming Robotics security Software Updates Startups targeting Tech Reviews Tech Trends Technology Virtual Reality vulnerability WiFi
Share. Facebook Twitter Pinterest LinkedIn Email Reddit WhatsApp Copy Link Bluesky
News Editor
  • Website

As the News Editor at News Journos, I am dedicated to curating and delivering the latest and most impactful stories across business, finance, politics, technology, and global affairs. With a commitment to journalistic integrity, we provide breaking news, in-depth analysis, and expert insights to keep our readers informed in an ever-changing world. News Journos is your go-to independent news source, ensuring fast, accurate, and reliable reporting on the topics that matter most.

Keep Reading

Tech

Tips for Reducing Screen Time on iPhone and Android Using Built-in Tools

5 Mins Read
Tech

Over 120,000 Fake E-Commerce Sites Target Shoppers Before Prime Day

6 Mins Read
Tech

Breakthrough Technology Restores Communication for Paralyzed Man

6 Mins Read
Tech

Hexagon’s AEON Humanoid Robot Targets Factory Labor Shortages

5 Mins Read
Tech

Google Photos Introduces AI-Powered ‘Ask Photos’ Search Feature in the US

5 Mins Read
Tech

Schools Combat AI Cheating by Reverting to Pen and Paper Exams

5 Mins Read
Mr Serdar Avatar

Serdar Imren

News Director

Facebook Twitter Instagram
Journalism Under Siege
Editors Picks

Trump Praises US-born Pope Leo XIV in Politics Newsletter

May 8, 2025

Federal Judge Orders Return of Second Deported Immigrant by Trump Administration

April 24, 2025

Trump Signs Executive Order Reducing Funding for PBS and NPR

May 1, 2025

Musk Reveals Upcoming Changes for DOGE and Other Key Updates

March 27, 2025

Melania Trump Hosts Guests for President Trump’s 2025 Joint Address to Congress

March 4, 2025

Subscribe to News

Get the latest sports news from NewsSite about world, sports and politics.

Facebook X (Twitter) Pinterest Vimeo WhatsApp TikTok Instagram

News

  • World
  • U.S. News
  • Business
  • Politics
  • Europe News
  • Finance
  • Money Watch

Journos

  • Top Stories
  • Turkey Reports
  • Health
  • Tech
  • Sports
  • Entertainment

COMPANY

  • About Us
  • Get In Touch
  • Our Authors
  • Privacy Policy
  • Terms and Conditions
  • Accessibility

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

© 2025 The News Journos. Designed by The News Journos.

Type above and press Enter to search. Press Esc to cancel.

Ad Blocker Enabled!
Ad Blocker Enabled!
Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.