By navigating our site, you agree to allow us to use cookies, in accordance with our Privacy Policy.

A Simple Message Jabs the Security of Apple Devices

Apple Devices

Apple flaunts the most secured operating system and technology which hardly have space for loopholes. Questions uproar after Cisco Talos experts claim to have unearthed tens of vulnerabilities in OS X and iOS, including four security holes.

Among all one of the most serious issues is CVE-2016-4631, which is known to affect the ImageIO component in OS X 10.11.5 and prior, and iOS 9.3.2 and prior. Also, CVE-2016-4631 impacts the watchOS and tvOS operating systems, which are based on iOS.

The security researchers at Cisco claim that the flaw is related to how ImageIO processes called TIFF (Tagged Image File Format) files. The vulnerability can be exploited by cyber criminals for arbitrary code execution by sending the targeted user a specially crafted image file which triggers a heap-based buffer overflow.

Further reports say that the flaw in Apple’s operating systems could allow a hacker to gain access to users Mac or iPhone by sending an iMessage.

A researcher from Cisco Talos found the vulnerability in which a hacker could send a certain type of photo file, called a .TIF, which would give the hacker access to the device’s storage and passwords.

“This vulnerability is especially concerning as it can be triggered in any application that makes use of the Apple Image I/O API when rendering tiled TIF images, said Tyler Bohan from security firm Cisco Talos, according to The Guardian.

“Depending on the delivery method chosen by an attacker, this vulnerability is potentially exploitable through methods that do not require explicit user interaction, since many applications (ie iMessage) automatically attempt to render images when they are received in their default configurations,” he added.

The Cisco experts have also discovered CVE-2016-1850, an Apple SceneKit flaw which was patched in May, this year, alongside the release of OS X 10.11.5.

Tags

Niloy Banerjee

A generic movie-buff, passionate and professional with print journalism, serving editorial verticals on Technical and B2B segments, crude rover and writer on business happenings, spare time playing physical and digital forms of games; a love with philosophy is perennial as trying to archive pebbles from the ocean of literature. Lastly, a connoisseur in making and eating palatable cuisines.

Related Articles

Upcoming Events