Skip to main content

Why You Should Update to the Latest iOS, OS X Versions Immediately

Why You Should Update to the Latest iOS, OS X Versions Immediately

HIGHLIGHTS

  • Cisco's Talos Intelligence security unit found the image-based bug
  • The bug can be used for undetected remote code execution
  • Image file formats are tiff, bmp, dae, and OpenEXR
A Cisco researcher has highlighted vulnerabilities in iOS,OS X, tvOS, and watchOS. These operating systems are said to be vulnerable to malware that's been embedded in an image file. The malware, which can allegedly run undetected, allows the attacker to achieve remote code execution on the infected system.
Cisco Talos' Tyler Bohan said that users could receive the file via MMS or email, or even be exposed to it when it's placed on a malicious webpage. The remote code execution vulnerabilities were found in the way Apple operating systems access image data using APIs - specifically, Apple Core Graphics API, Scene Kit, and Image I/O.
Image formats that can be used to exploit these vulnerabilities are tiff (tagged image file format), bmp (bitmap), dae (digital asset exchange), and OpenEXR. While the tiff and bmp formats can infect OS X, iOS, watchOS, and tvOS; OpenEXR and dae can infect only OS X machines.
Luckily for users of the above-mentioned Apple operating systems, the Cupertino-based company has patched all the vulnerabilities in the latest versions - iOS 9.3.3, OS X El Capitan v10.11.6, tvOS 9.2.2, and watchOS 2.2.2. If you are currently running a version older than these, it is highly recommended you update to the latest version to avoid the vulnerabilities.
Bohan on the Talos Intelligence blog post described why the vulnerabilities are especially bad. "Image files are an excellent vector for attacks since they can be easily distributed over Web or email traffic without raising the suspicion of the recipient. These vulnerabilities are all the more dangerous because Apple Core Graphics API, Scene Kit and Image I/O are used widely by software on the Apple OS X platform," he said.

Comments

Post a Comment

Popular posts from this blog

Airtel To Offer Free 3GB Mobile Data Per Month to Bring Customers to Its 4G Network

  03 January 2017 HIGHLIGHTS Offer is valid to both existing and new Airtel subscribers Both prepaid and postpaid users can avail the benefits Customers will get 3GB of free data over and above their pack Airtel on Tuesday unveiled an offer under which users can avail of free mobile data worth up to Rs. 9,000 for 12 months. The offer is meant to attract users to the  Airtel 4G  network, and is targeted at 4G handset users currently on other networks, as well as Airtel customers upgrading to a new 4G handset. India's biggest telecom operator, Airtel said that the free data offer will be available across India starting Wednesday, and will be valid till February 28. Under the free data offer, customers will get 3GB of free data every month till December 31, 2017, as long as they are using select Airtel 4G prepaid and postpaid plans. Airtel is providing the free mobile data over and above the subscribed plan's benefits. Free ...
Post a Comment
Read more

Nokia 6.1 Gets a Price Cut in India Ahead of Next Week's Nokia 6.1 Plus Launch

  Dated: 18 August 2018   HMD Global is selling the Nokia 6.1 at a reduced price in India via its official site Highlights Nokia 6.1 seen to get up to a Rs. 1,500 price cut 3GB RAM variant is priced at Rs. 15,499 & the 4GB model costs Rs. 17,499 Nokia 6.1 Plus has been spotted online ahead of its launch Nokia 6.1 Plus is expected to be unveiled in India on August 21 and ahead of the launch, Nokia licensee HMD Global has dropped the price in India of the Nokia 6.1 or Nokia 6 (2018). Launched in India in April, the Nokia 6.1 was globally unveiled at MWC 2018 in February, but had first been launched in China in January. Later in May, HMD Global had launched another variant of the smartphone. Now, both the variants have received up to a Rs. 1,500 price cut in India. Meanwhile, Nokia 6.1 Plus, the global variant of Nokia X6 that was launched in China in May, has now surfaced online with that name. ...
Post a Comment
Read more

Hello Moto: A Look Back at Six Classic Moto Phones

  12 December 2016 HIGHLIGHTS Motorola was the first company to ship a cellphone Its biggest hit was the Moto RAZR V3 Today, Motorola is a part of Chinese electronics giant Lenovo Recently, we relived the past with Nokia’s most memorable phones of all time. Although there may be a lot of fanboys and fangirls of the Finnish brand, many have equally strong feelings for the daddy of all mobile phone brands - Motorola. Its name will forever be etched in history as the  first company  to sell a mobile phone - the DyanTAC 8000X - in 1983. Since then, Motorola has been an easily identifiable brand to almost everybody in the world. Its designs were often strikingly unique and at the same time, Motorola phones often gave out a vibe that these devices mean business. Today, we’ve handpicked some of the most memorable Motorola phones we’ve come across. Here are our picks for the six most memorable Motorola phones of all time. 1) Motorola ...
Post a Comment
Read more