InfoSecBulletin Cybersecurity for mankind
Apple opposes the UK government’s idea to pre-approve new security features from tech companies. If the UK Home Office rejects an update, it cannot be released in any other country, and the public will not be informed.
The government is seeking to update the Investigatory Powers Act (IPA) 2016. The Home Office said it supported privacy-focused tech but added that it also had to keep the country safe.
GitLab Releases Patch (CVE-2025-0314) for XSS Exploit
CVE-2025-20156
Cisco Fixes Meeting Management Allowing Privilege Escalation
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
A government spokesperson said: “We have always been clear that we support technological innovation and private and secure communications technologies, including end-to-end encryption, but this cannot come at a cost to public safety.”
The House of Lords will discuss the proposed changes tomorrow. Apple says the UK government’s actions are unprecedented and too much.
“We’re deeply concerned the proposed amendments to the Investigatory Powers Act (IPA) now before Parliament place users’ privacy and security at risk,” said Apple in a statement.
“It’s an unprecedented overreach by the government and, if enacted, the UK could attempt to secretly veto new user protections globally preventing us from ever offering them to customers.”
BBC report said, “It is critical that decisions about lawful access, which protect the country from child sexual abusers and terrorists, are taken by those who are democratically accountable and approved by Parliament.”
Critics have called the current Act a “snoopers charter”. Apple has previously criticized similar proposals to expand its scope. Apple announced in July 2023 that it might remove services like FaceTime and iMessage from the UK if it had to compromise on future security.
The proposed UK law would cover all Apple products, not just FaceTime and iMessage.
In January, civil liberties groups such as Big Brother Watch, Liberty, Open Rights Group, and Privacy International issued a joint statement opposing certain parts of the bill.
The groups are worried that the proposed changes would make technology companies, even those outside the country, have to tell the government about any plans to enhance security or privacy on their platforms so the government can stop these changes.
“They claimed this would lead to private companies becoming extensions of the surveillance state and undermining the security of devices and the internet.”
The proposed changes are based on a review of current laws. They include updates regarding how intelligence agencies collect data and use internet connection records.
