Apple plans on fixing a VPN security issue in its iOS 13.4.1 update, according to a report from The Verifier.
The bug, first discovered in iOS 13.3.1, exposed user data even when a VPN was enabled on the device.
ProtonVPN has contacted Apple, which acknowledged the bug and is working on remediating it.
“Typically, when you connect to a virtual private network (VPN), the operating system of your device closes all existing Internet connections and then re-establishes them through the VPN tunnel,” writes ProtonVPN.
The security vulnerability prevents VPNs from encrypting all traffic, which could result in user data being leaked if the connections are not encrypted. However, IP address leaks are more common. Servers you connect to can see your real IP address instead of the VPN server’s.
If you’re already connected to a VPN, internet connections made afterwards are not affected. However, connections that are already running before you connect to the VPN server may continue running outside the VPN tunnel.
Here’s what you can do to terminate existing connections that may be living outside the VPN tunnel, though it isn’t 100% guaranteed:
1. Connect to a VPN server.
2. Turn on airplane mode to kill all existing connections.
3. Turn off airplane mode, and the connections should reconnect inside the VPN tunnel.
For more information, visit ProtonVPN.