Due to a security hole in the new Passwords app in iOS 18 and iPadOS 18, your iPhone reads your passwords out loud.
iPhone reads your passwords out loud
A security hole in Apple’s new Passwords app has made it possible to read saved passwords out loud. With all its consequences. This uses the voiceover feature, which is actually designed to improve accessibility. This bug, known as CVE-2024-44204has now fortunately been resolved.
The bug occurred on all devices from the iPhone XS and various iPad models that support iOS 18 or iPadOS 18. These include the iPad Pro, third-generation iPad Air, and fifth-generation iPad Mini.
Security update
Apple responded immediately when it was announced that the Passwords app on the iPhone and iPad reads passwords out loud. The company released a security update in the form of iOS 18.0.1 for iPhones and iPadOS 18.0.1 for iPads. Apple subsequently announced that the issue had been resolved through improved validation.
The vulnerability was discovered by security researcher Bistrit Dahal and reported to Apple. It’s unusual that such an obvious vulnerability made it past beta testing.
Another security hole
In addition to the problem with your iPhone reading passwords, Apple has also resolved a security hole (CVE-2024-44207). That flaw was specific to the recently launched iPhone 16 models and allowed several seconds of audio to be recorded before the microphone indicator was turned on. This problem has also now been resolved with improved controls.
If you have not yet installed the updates to iOS 18.0.1 and iPadOS 18.0.1, these are two clear reasons to do so quickly.
Apple has also released updates for macOS Sequoia (version 15.0.1). This is to improve compatibility with third-party security software and the reliability of single sign-on authentication in Safari.
Download the iPhoned app
