Apple(AAPL) TechCrunch·2025-02-10 19:30Core Insights - Apple released updates for iOS and iPadOS to address a vulnerability that could have been exploited in sophisticated attacks against targeted individuals [1] - The vulnerability allowed the disabling of USB Restricted Mode on locked devices, a feature designed to prevent unauthorized data access [1] - The flaw was discovered by Bill Marczak from Citizen Lab, which investigates cyberattacks against civil society [3] Vulnerability Details - The vulnerability was linked to physical access to devices, suggesting that attackers likely used forensic tools like Cellebrite or Graykey to exploit it [2] - USB Restricted Mode was introduced in 2018 to enhance security by blocking data transfer over USB connections if the device has not been unlocked for seven days [1] - Apple had previously implemented a feature that reboots devices after 72 hours of being locked to further protect user data [1] Context of Exploitation - There is uncertainty regarding who exploited this flaw and against whom it was used, but law enforcement agencies have a history of using forensic tools to access locked devices [5] - Amnesty International reported instances where Serbian authorities used Cellebrite to unlock phones of activists and journalists, indicating a pattern of abuse of such vulnerabilities [6]