[Resolved] ISDK-172497: iOS 12 Devices incorrectly reported as compromised during wired backup





The VMware Workspace ONE Teams have received reports devices being erroneously flagged as compromised on certain devices running iOS 12 while performing a wired backup through iTunes. This issue may occur with the VMware AirWatch Agent, Workspace ONE app, AirWatch Container or any of the VMware Workspace ONE productivity apps. The table below outlines all affected versions:

Application Version

VMware AirWatch Agent for iOS

 5.8.1 and below

VMware Workspace ONE for iOS

 3.3.2 and below

VMware Boxer for iOS

 4.15.2 and below

VMware Content Locker for iOS

 4.14 and below

VMware Browser for iOS

 6.16.1 and below

VMware PIV-D Manager for iOS

 1.2 and below


To prevent devices from being incorrectly unenrolled due to false compromised status detection, the Workspace ONE Team recommends temporarily disabling the Compromised Protection settings under Groups & Settings > All Settings > Apps > Settings & Policies > SDK App Compliance. For those on Workspace ONE UEM Console 9.7+, this can be found under Groups & Settings > All Settings > Apps > Settings & Policies > Security Policies > Compromised Protection (please refer to the knowledge base article here).

Disabling Compromised Protection will prevent immediate unenrollment of devices when they are reported as compromised (even for false positives). End-users should be informed to avoid doing wired encrypted backups in iTunes until the issue is resolved and the apps are updated.

Alternatively, to track and detect compromised devices, a compliance policy can be created to detect compromised devices, at which point, Admins can be notified to take an action.



Fix Version

This issue has been resolved with the release of VMware Workspace ONE SDK 18.3.4 for iOS.

Other Languages: 日本語

Have more questions? Submit a request


Article is closed for comments.