While Apple has built a credible stance regarding users’ privacy, a bug has recently made shown otherwise. As discovered, an unpatched vulnerability existed in recent iOS versions that stopped VPNs from entire traffic encryption. Hence, it triggered the possibilities of IP and information leak of those using VPNs.
Reportedly, ProtonVPN has recently disclosed a yet unpatched vulnerability in iOS halting traffic encryption by VPNs. Elaborating their findings in an advisory, they stated that the bug affected iOS 13 versions, specifically, iOS 13.3.1 and later.
The bug existed because the said iOS versions do not stop existing internet connections on the device after connecting to a VPN. Ideally, the device operating system closes all existing connections as soon as a VPN connection gets established.
Even after connecting to a VPN on vulnerable devices, the existing connections may continue outside the VPN for a brief period. According to the researchers,