Skip to main content

iOS 13 could be hacked by external keyboards

iOS 13
(Image credit: Future)

Users looking to use a third-party keyboard app on their recently updated iPhone or iPad? may want to think twice after Apple issued a security warning concerning the new software.

The iPhone maker released the latest version of its mobile operating system, iOS 13, last week and the company followed this up with the recent release of iOS 13.1 and iPadOS 13.1. However, Apple has warned users of an issue affecting third-party keyboard apps in a brief advisory, which reads:

“Third-party keyboard extensions in iOS can be designed to run entirely standalone, without access to external services, or they can request “full access” to provide additional features through network access. Apple has discovered a bug in iOS 13 and iPadOS that can result in keyboard extensions being granted full access even if you haven't approved this access.”

Third-party keyboards

In the latest version of iOS, third-party keyboards can run in a standalone mode or with full access, giving them the ability to interact with other apps or access the internet for additional features such as spell check. 

However, using a third-party keyboard in full access mode also allows the developer of the app to capture keystroke data whenever you type and this includes what you write in emails, messages and even when you enter a password.

The bug Apple discovered could allow third-party keyboard apps to gain full access permissions regardless of whether or not a user approved.

The company has not released further details on the issue though it does say that the bug will be patched in an upcoming software update.

Via TechCrunch