|It became known that hackers are now able to take over any Apple device through a simple iMessage or email thanks to a flaw in the way software handles images. Speaking technical language, the flaw allows a malicious TIFF file to force a so-called “buffer overflow”, enabling a hacker to break through Apple’s security and run their own code.
Security experts noted that the vulnerability in question is especially concerning, because it can be triggered in any app using the Apple Image I/O API when rendering tiled TIFF images. For example, most applications (including Messages, MMS, Safari, Mail, etc.) on an iPhone use the Image I/O API to render pictures, leaving them all vulnerable.
Depending on the method of delivery, this flaw can be exploitable through methods that don’t require explicit user interaction, because many apps, including iMessage, automatically try to render received images in default configurations.
Once the image is viewed, the hacker is able to gain full control of the device, steal passwords and other data, most likely without the user knowledge.
Apple released software updates for all of its devices, including Apple TV to address the vulnerability, but users who have not updated are still vulnerable to attack. In addition, the iOS update is not available for the iPhone 4 and older models, so they remain at risk. Overall, according to some estimations, there are 1bn iOS devices around the world which will be affected by this security hole if their owners fail to update.
In the meantime, Google’s Android faced similar security holes dubbed Stagefright, which also affected about 1bn devices. In that case, the updates required to fix the flaw were slowly released through various smartphone manufacturers and mobile operators.
Saturday, July 23rd, 2016
|posted by (2016-07-24 03:43:04)|
|I think whoever is writing these programs might be doing it on purpose. How do you make such a mistake without it being obvious? Windows 8 was originally designed to be remotely accessed till too many people started figuring it out. It's like a never ending game of cat and mouse!|
|even more interesting adblock doesn't work at all now ! lol||
Most Popular Stories