According to a new report, Apple may release a small iOS 13.4.1 update later this week to squish a nasty bug on iPhone, iPad and iPod touch that has caused data and IP addresses in virtual private networks (VPN) to be exposed.
The Verifier reported Tuesday that the upcoming iOS 13.4.1 update will plug a security hole in private VPN connections that permits sites to track users’ real information for minutes, and in some cases for several hours. The Verifier has been somewhat reliable in the past.
Last Wednesday, ProtonVPN disclosed the vulnerability in iOS 13.3.1 and later which allows attackers to reveal an iOS device’s data traffic despite a VPN being used to conceal it, causing data and IP addresses to be exposed.
It’s unclear whether the VPN vulnerability in iOS 13.3.1 will be fixed with iOS 13.4.1 and if that update perhaps addresses another, currently unknown VPN vulnerability.
For the sake of completeness, there has been no beta release of iOS 13.4.1 thus far. Neither Apple’s official changelog for the iOS 13.4 update nor its accompanying security document mentions VPN fixes (iOS 13.4 does pack a small improvement that adds a handy indicator in the iOS status bar to display when VPN has disconnected (only available on notched iPhone models).
There should be four more minor updates until iOS 14 arrives this September, according to the publication, meaning these updates will go up to version 13.4.4 before iOS 14 released commercially.
Depending on the VPN that you choose to use, your information may not actually be as secure as you think it is. Not all VPNs are as secure as others, and this is especially the case with free VPN services that tend to track information about your web browsing activity to sell to third parties, whether anonymous or not, in order to pay for their servers.
Do you use a VPN service on iOS or macOS? If so, which one?
Let us know in the comments down below!