This iOS bug might be stopping your VPN from keeping your browsing secure

News
By published

Apple says it is looking for options to fix unpatched bug

(Image credit: Future)

An unpatched bug in iOS version 13.3.1 or later is preventing VPNs from working properly, potentially opening up users to data breaches.

The vulnerability, disclosed by ProtonVPN, does not terminate a connection when the user connects to a VPN, meaning that if kept active, unencrypted data could be transferred and possibly intercepted.

Unencrypted data can easily reveal personal details like IP address, location, or even expose users and the servers to cyber-attacks.

iOS vulnerability

“Most connections are short-lived and will eventually be re-established through the VPN tunnel on their own," ProtonVPN explained. "However, some are long-lasting and can remain open for minutes to hours outside the VPN tunnel." 

Connections made after the VPN tunnel is activated remain secured and while most other OS terminate the existing connections, iOS for some reason keeps the old versions alive. 

Researchers at ProtonVPN cited an example of Apple’s push notifications which uses a process to communicate with Apple’s servers for a long time. This connection does not get terminated automatically and may affect any service or app on the user’s iOS device.

While this bug might not impact an average user, "people in countries where surveillance and civil rights abuses are common," are at high risk, ProtonVPN noted.

Due to security limitations, any third-party app or VPN cannot terminate these open connections on iOS. The report also suggests that Apple has acknowledged the VPN bypass vulnerability, and until it releases a solution, it recommends customers use an always-on VPN.

People who use other VPN apps can manually kill all the active connections by enabling and disabling Airplane mode after connecting to a VPN. While this workaround may kill most of the active connections, it may not be a 100% effective solution.

  • Let us help you pick the best VPN options

Via: BleepingComputer

TOPICS
Jitendra Soni
Jitendra Soni

Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.  

Latest in VPN Privacy & Security
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
Digital hand set location on map with two pins. AI technology in GPs, innovation delivery, map location, future transport logistic, route path concept. GPs point. New office location, change address
What does your IP address reveal about you?
A stethoscope next to a laptop on a pink background
How to check if your VPN is working
Teenager playing on a gaming PC with two monitors
Is using a VPN while gaming cheating? 5 myths you shouldn't believe about gaming with a VPN
Neon blue email symbols on a black background
Why am I suddenly getting so many spam emails?
A computer file surrounded by red laser beams
Cover your tracks: the risk of sending unencrypted files
Latest in News
Zendesk Relate 2025
Zendesk Relate 2025 - everything you need to know as the event unfolds
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Google Gemini AI
Gemini can now see your screen and judge your tabs
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
More about vpn privacy security
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background

A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
Digital hand set location on map with two pins. AI technology in GPs, innovation delivery, map location, future transport logistic, route path concept. GPs point. New office location, change address

What does your IP address reveal about you?
Ugreen \00d7 Genshin Impact Kinich Collectible Gift Box and exclusive Genshin Impact merchandise.

Ugreen reveals exclusive Genshin Impact collection and they're some of the most eye-catching charging products I've ever used
See more latest
Most Popular
Ugreen \00d7 Genshin Impact Kinich Collectible Gift Box and exclusive Genshin Impact merchandise.
Ugreen reveals exclusive Genshin Impact collection and they're some of the most eye-catching charging products I've ever used
Zendesk Relate 2025
Zendesk Relate 2025 - everything you need to know as the event unfolds
Google Gemini AI
Gemini can now see your screen and judge your tabs
iFi iDSD Valkyrie in gold, on a beige desk
iFi's iDSD Valkyrie DAC wants to guide your music to the great hall of Valhalla
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
SDUNITED AX835-025FF mini PC
This mini PC with the incredible Strix Halo APU is yet another sign AMD may have given up on big brands for bleeding edge tech
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited