Yoodley is reader-supported. When you buy through links on our site, we may earn an affiliate commission.
The news started with different news outlets citing various sources confirming the matter, which will reportedly affect Apple and all foreign smartphone brands. According to The Wall Street Journal, China wants to limit foreign countries’ possible access to its government’s sensitive data, pushing it to resort to this decision. On the other hand, Bloomberg shared that after the ban to government officials, China will soon push it to “state-owned enterprises and other government-controlled organizations.” Meanwhile, WSJ added that government agencies have already informed employees that they can no longer use iPhones for work or even bring them to workplace premises.
China is now contradicting these reports, saying it is not pushing any ban on the use of the Apple device. Nevertheless, it stressed its concerns regarding security issues that recently happened in iPhones.
Business Standard reports:
“China has not issued laws, regulations or policy documents that prohibit the purchase and use of foreign brand phones such as Apple’s,” foreign ministry spokesperson Mao Ning told a regular press briefing when asked about the reports.
“But recently we did notice a lot of media exposure of security incidents related to Apple’s phones. The Chinese government attaches great importance to information and cyber security and treats both domestic and foreign companies as equals,” she added.
It was not detailed what specific security issues the government of China is referring to, but it can be recalled that Apple implemented different updates recently to address various flaws spotted on its system.
One includes the issue discovered by Russian security software maker Kaspersky Lab. This led to Russia’s Federal Security Service’s accusation of the National Security Agency being the brain behind it. According to the researchers who divulged the flaw, it worked via an iMessage containing a malicious attachment. Kaspersky’s report added that it could lead to file modification and stealing, password extraction, and even viewing of the user’s location.
Last week, Apple also rolled out the iOS 16.6.1 update to resolve some security flaws in the iPhone system alongside a reported zero-day exploit Pegasus spyware could formerly use to compromise iPhone devices running the iOS 16.6 update. According to the Cupertino giant, iOS 16.6.1 comes with solutions for the CVE-2023-41061 and CVE-2023-41064 flaws detected in Apple’s Wallet app and Image I/O framework, respectively. In its report, Apple shares that the two issues “may have been actively exploited,” adding they might lead to arbitrary code execution.
The two CVEs are linked to the exploit chain reported by a group called Citizen Lab (via TechCrunch). According to the group, the actively exploited vulnerability was reportedly used to bring NSO Group’s Pegasus mercenary spyware to iPhone devices. The group named the exploit chain BLASTPASS, detailing its severity in the blog shared recently with the public.
“The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” the group wrote in the blog. “The exploit involved PassKit attachments containing malicious images sent from an attacker iMessage account to the victim.”