It has only been a few days since Apple rolled out iOS 13, and a few red flags have already been raised. Although it is a norm for a new software update to have bugs, which are then fixed with follow-up updates, iOS 13 comes with some security risks that are more than an inconvenience to end-users. Now, Apple has a warning for millions of iPhone and iPad users about a potential bug in its iOS 13.
Apple notified iPhone and iPad users running the latest iOS 13 about a security flaw that allows third-party keyboards to get "full access" to your iPhones and iPads even without your approval.
"Third-party keyboard extensions in iOS can be designed to run entirely standalone, without access to external services, or they can request "full access" to provide additional features through network access. Apple has discovered a bug in iOS 13 and iPadOS that can result in keyboard extensions being granted full access even if you haven't approved this access," Apple said in an advisory note on Tuesday.
However, if you do not rely on third-party keyboard apps like Microsoft's SwiftKey or Google's Gboard, you have no reason to worry. Apple confirmed that the bug doesn't affect the official iOS keyboard. Users can see the third-party apps affected by this issue by navigating into the Settings > General > Keyboard > Keyboards.
In case you're wondering how granting full access to third-party keyboards can affect you, imagine everywhere the keyboards are used. From banking apps to private chats and even a simple web search, keyboards are essential. And with "full access," keyboard makers could capture keystroke data or anything you type and send it back to their servers.
What's worse is that Apple does not have a fix yet, but it assured users that an upcoming software update will address the security flaw even though it didn't say when. So, if you have a third-party keyboard on your iPhone running iOS 13, it's best to uninstall it and switch to the stock iOS keyboard. At least for the time being.
Apple appears to have a lot of work to do on its new software. The latest security issue comes only days after an independent security researcher Jose Rodriguez revealed a flaw in iOS 13 that could grant access to the contacts while bypassing the iPhone's lock screen. The issue appears to be fixed in iOS 13.1.