When Niantic released the Pokemon GO Halloween event update, the developer also quietly introduced a new anti-cheat measure. This feature, called the “app blacklist,” allowed Pokemon GO to detect if third-party cheat apps were running on the smartphone or tablet. If cheat apps were detected, a warning would pop up informing the users that they must uninstall the offending apps in order to play the game.
But a new iOS update released by Apple seems to have disabled that feature by patching the vulnerability that allowed the Pokemon GO app blacklist to work. The iOS 11.1.1 update includes a patch for CVE-2017-13852 (‘Common Vulnerabilities and Exposures’) which “allows attackers to monitor arbitrary apps via a crafted app that accesses process information at a high rate.”
CVE-2017-13852 also means that “a malicious application may be able to learn information about the presence and operation of other applications on the device,” according to Pepijn Bruienne, a Mac enterprise administrator. Most importantly, iOS 11.1.1 fixes the infamous autocorrect bug that caused the letter ‘I’ to autocorrect to ‘A’ with a symbol on it.
For those that have already upgraded, the anti-cheat feature is currently unavailable for Pokemon GO players on iOS devices. However, it seems that the app blacklist is still up and running on Android devices at least.
Apple shipped an additional kernel vulnerability patch in the iOS 11.1.1 update: CVE-2017-13852 – "A malicious application may be able to learn information about the presence and operation of other applications on the device." So not just the viral autocorrect & Siri fix.