UPDATED 21:52 EST / DECEMBER 07 2017

Apple patches HomeKit vulnerability that could have given burglars access to smart locks

Apple Inc. has patched a serious vulnerability in its HomeKit smart home software framework that could allow malicious actors to hijack and control any device connected using the platform.

The “zero-day” or previously undiscovered vulnerability, first reported by 9to5Mac today, allowed unauthorized control of accessories such as smart locks and garage door openers. Described as “difficult to reproduce,” the vulnerability would allow a hacker to take full control of any smart home device, including smart lights, thermostats and plugs. But it’s the locks and garage door openers that would give a would-be burglar easy access to an Apple user’s house or business.

Strangely, the vulnerability seemingly occurred only as a result of software coding in the last version of Apple’s mobile software. The company said in a statement that the issue affecting HomeKit users running iOS 11.2 has been fixed. “The fix temporarily disables remote access to shared users, which will be restored in a software update early next week,” it explained.

The first Apple HomeKit-enabled devices went on sale in June 2015 as the company Steve Jobs built aimed to take on the likes of Samsung Electronics Co. Ltd. and Google LLC in smart home devices. Since then, the number of devices using HomeKit has grown, but according to figures published earlier this year, Apple has struggled to make a dent in the market.

Indeed, one analyst, Edison Investment Research’s Richard Windsor, said it was “losing badly,” primarily because it didn’t have a direct competitor to Amazon.com Inc.’s Echo and Google’s Home smart speakers. Apple addressed that gap by announcing its “HomePod” smart speaker in June, but ongoing delays in bringing the product to market continue to leave it behind its competitors.

The good news for the relatively few Apple HomeKit-enabled device users is that Apple’s solution does not require any action on their behalf. The patch for the vulnerability has been deployed at the server level, with further fixes said to be available shortly.
