- Apr 12, 2001
The iOS 15 and iPadOS 15 updates that were released today add improved anti-spoofing models for Face ID, further improving the security of facial recognition on the iPhone X and later and the iPad Pro models.
According to Apple's security support document for the updates, there was a Face ID vulnerability that could allow a Face ID iPhone to be unlocked and authenticated using a 3D model constructed to look like the iPhone's owner.
Apple says that this issue has been resolved through improvements to the Face ID feature, which is available on the iPhone X, iPhone XR, iPhone XS (all models), iPhone 11 (all models), iPhone 12 (all models), iPad Pro (11-inch), and iPad Pro (3rd generation).
There are a number of other security fixes included in the iOS 15 update, but none of the exploits were listed as being used in the wild. There was an issue with the Neural Engine that could allow an application to execute arbitrary code with system privileges on devices with a Neural Engine, and a CoreML bug could let attackers cause unexpected application termination or arbitrary code execution.
Apple also addressed issues with FontParser, Preferences, Siri, WebKit, and WiFi, all of which are outlined in Apple's full security document.
For those not particularly interested in the feature set that iOS 15 offers, it may still be a good idea to upgrade just to get the full suite of security fixes that Apple has deployed.
Article Link: iOS 15 Includes Improved Face ID Anti-Spoofing Models and Other Vulnerability Fixes