Apple(US:AAPL) Xin Lang Cai Jing·2025-12-31 11:05Core Viewpoint - The "Pangu Stone" team under Qi Anxin has successfully overcome the privilege escalation challenge in Apple's iOS 26.1, enabling data extraction from applications like Telegram, with support ranging from iOS 17.0 to 26.1 [1][6]. Group 1: Company Overview - The "Pangu Stone" team is a part of Qi Anxin Technology Group Co., Ltd., focusing on the research and development of electronic data forensics technology, offering a comprehensive range of products and solutions in computer forensics, mobile terminal forensics, cyberspace forensics, IoT forensics, and forensic data analysis platforms [3][8]. Group 2: iOS 26.1 Update Details - Apple recently released the iOS/iPadOS/macOS/watchOS/tvOS 26.1 update, which, while appearing routine, primarily focuses on security enhancements, fixing approximately 50 security vulnerabilities across critical modules such as the system kernel, privacy permissions, and browser engines [3][8]. - Apple has emphasized the importance of this update, recommending that all users of iPhone 11 and later models install it promptly to mitigate potential attacks [3][8]. Group 3: Vulnerabilities Addressed - The vulnerabilities addressed in this update include: - Malicious applications potentially identifying other installed applications (CVE-2025-43442) - Enumeration of all applications on the device (CVE-2025-43436) - Possible exposure of user fingerprint data during the installation phase (CVE-2025-43444) - Risks associated with identifying user fingerprints on the device side (CVE-2025-43439) - These issues primarily affect iPhone 11 and later models, and Apple has implemented enhanced permission controls and access boundaries to prevent unauthorized access to private information by third-party applications [5][9].