Apple has pushed an update to iOS 11.2 to its users. Users should consider pushing any updates that are recommended by the manufacturer, as there is usually a reason behind the update, and many times it is to fix a vulnerability. This is true with the most recent update to iOS 11.2.

A vulnerability in HomeKit was recently discovered that allows unauthorized individuals (i.e., hackers) to control IoT capabilities, such as smart locks, garage door openers, lights, thermostats and plugs through the HomeKit platform. This means that when you are able to remotely activate the security system in your residence or open and close your garage door with your smartphone, a vulnerability allows an unauthorized person to be able to do that remotely. This is an obvious concern for personal safety.

The vulnerability is reported to only affect the HomeKit framework, not all IoT smart products. Apple has fixed the vulnerability in the most recent update to iOS 11.2, but it is only fixed if the update to iOS 11.2 is pushed by the consumer. So if you use the HomeKit framework, be aware of the vulnerability and consider accepting the fix.

[View source.]