Bluetooth itself is a massive, overlooked security vulnerability.
If you've bought into the false notion that any sort of ironclad security is somehow built into Apple products, you are sorely mistaken.
Apple kinda "informs" people about changes. You did not read the Product Security notes on the update, did you? About the security content of iOS 11 - Apple Support Obviously, any gaps in security are the users fault...
Another bluetooth item is top of the list and a previous massive issue with bluetooth is tucked under WiFi since its all the same Broadcom chip.
Released September 19, 2017
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to access restricted files
Description: A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.
CVE-2017-7131: Dominik Conrads of Federal Office for Information Security, an anonymous researcher, Anand Kathapurkar of India, Elvis (@elvisimprsntr)
Entry updated October 9, 2017
Wi-Fi
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-11120: Gal Beniamini of Google Project Zero
CVE-2017-11121: Gal Beniamini of Google Project Zero
Did you know there are many thousands of registered vulnerabilities for Apple products that have been issued a CVE-ID and therefore are part of the standardized repository that catalogs all such exploits which is used by pretty much everyone from governments to private companies like Apple? https://cve.mitre.org