Skip to content
BLOG

iOS 9.3 certificate security vulnerability patched

SMDM Team
SimpleMDM team|March 22, 2016
Security Article 2 Background
Security Article 2 Background
Sections

    Note: Among a number of enhancements released with iOS 9.3, a security vulnerability discovered by the SimpleMDM team has also been patched.

    The vulnerability CVE-2016-1766, discovered in October of last year, allowed an untrusted MDM profile to be considered as trusted. This permitted third parties to falsely identify themselves and appear as trusted by iOS. The vulnerability was rated CVSS 10, the highest vulnerability score possible based on impact and exploitability.

    Upon identifying this vulnerability, we verified our service was not and would not be affected. We then followed responsible disclosure guidelines, which involves notifying appropriate parties of the issue privately and providing them time to patch the vulnerability.

    SMDM Team
    SimpleMDM team

    The SimpleMDM team creates practical guides for IT professionals managing and securing Apple devices at work. Built for admins, by admins, our content is grounded in real-world experience and focused on making Apple device management simpler across macOS, iOS, and iPadOS environments. As a cloud-based mobile device management (MDM) solution, SimpleMDM helps teams deploy devices with zero-touch enrollment, enforce security policies, manage apps and configurations, and automate routine tasks so that devices stay secure, up to date, and ready to use from day one.

    Related articles

    generalnewbanner

    Apple Intelligence: How secure is Private Cloud Compute for enterprise?

    GENERAL IT

    Apple logo on a gray background

    Apple streamlines MDM migrations in iOS 26 and macOS 26

    GENERAL IT

    Blue SimpleMDM cloud logo

    SimpleMDM product announcement: Dynamic groups

    PRODUCT