The security issue with HomeKit devices has been fixed.
Apple released the iOS 11.2 update to supported iPhone and iPad models last week, introducing Apple Pay Cash to everyone in the US, and faster wireless charging speeds for iPhone 8 and X. the update also fixed many bugs, such as the date and calculator bugs discovered in previous versions.
But there is a vulnerability discovered in iOS 11.2 allowing unauthorized access to Home Kit accessories. The bug allowed remote access to accessories like locks if you updated to iOS version 11.2.
A week after iOS 11.2 hit the general public, 9to5Mac reported that Apple addressed the vulnerability as a server-side update. You don’t need to update anything manually, as all issues have been fixed server side. The patch temporarily disables remote access for shared users, but another update expected next week will re-introduce the feature without any possible security issues.
HomeKit as a platform debuted in 2014, and today it includes many types of devices like locks, sensors, cameras, thermometers, and more. All these accessories could be controlled with voice commands thanks to iOS’s Siri assistant and the mobile apps.