Apple Will Close Known Security Gap in iOS 12

The fact that configurations profiles on iOS devices contain a security flaw has been known now for quite some time. Now Apple wants to make improvements to iOS 12 and thus increase the security of the operating system.

How Apple Will Close The Security Gap In iOS 12

In the future, several extra steps will be needed to install configuration profiles.

Weak point: iOS Configuration Profiles

iOS configuration profiles are used for easy management of Apple devices. For example, they contain information about email, wireless or Exchange settings, security policies, or restrictions. Once created, the configuration profiles can be easily distributed to user devices.

But this simple approach has turned out to be a serious security risk. Counterfeit configuration profiles can let in malware, make system changes or, in the worst case, completely block the iPhone.

Now, Apple is working on eliminating this issue.

How Apple Will Close The Security Gap In iOS 12

The magic term for this is: Complexity. Previously, when a user opened the configuration profiles on delivery, for example by e-mail or banner, it led them directly to the installation. According to Apple, this is exactly where the company is planning to work on. In the future, several extra steps will be needed to install configuration profiles.

These changes will mean that once users have clicked on a profile, they will be notified that installation can only be carried out manually in settings.

How Does Closing the Security Gap in iOS 12 Affect MDM Systems?

Fortunately, Apple is not making life unnecessarily difficult for MDM solution vendors and businesses. Configuration profiles provided via MDM systems will continue to be installed without this more complex workaround. The user does not have to do anything about this in the future.

If you want to make it easy for your company to manage your iOS devices, find out how Cortado MDM can help you.

Comments are closed.