Apple’s latest iOS 10.3 release patches a flaw that can be used to repeatedly dial a phone number, accidentally exploited last year to redial 911 call centers.
Last October, Meetkumar Hiteshbhai Desai, acting on a tip about a potential iOS flaw, wrote and shared code that caused target iPhones to continually dial 911 emergency call centers. Shortly after the code was published, the Arizona Police Department received more than 100 hang-up 911 calls within a few minutes.
The Maricopa County Sheriff’s Office traced the calls and discovered they originated from a link Desai posted to Twitter. Users who clicked the link would find their iPhone automatically dial emergency services. The massive call volumes had the potential to shut down 911 services across Maricopa County.
In previous versions of iOS, the call would be automatically triggered if the user clicked on a phone number within an app like Twitter or Message. In iOS 10.3, Apple has put a secondary confirmation screen in place to reduce the potential of unintended calls.