Apple fixes JPEG, PDF executable flaw in iOS 10.1 which allowed hackers full control

A beta of iOS 10 was released back in June following its release in September to the general public, and sometime after, miscreants managed to hijack users devices, simply by viewing manipulated JPEG or PDF files. Apple released iOS 10.1 yesterday, however users who have not, or are waiting to update are advised to do so as soon as possible.

The attack is quite simple, unfortunately. All that is required is to trick a user in opening a maliciously crafted JPEG or PDF file embedded within an email or website. A memory corruption issue in the CoreGraphics library provided a vector for arbitrary code execution, which could then be leveraged to take over vulnerable devices

While this does raise concerns, don't fret too much. Apple has patched the flaw in the latest iOS 10.1 update, and the company is urging users to update their iOS devices as soon as possible. Unfortunately, if you are still running any Apple devices incompatible with iOS 10 , your device is still vulnerable to the attack. It is reported that earlier versions of iOS still carry the vulnerability, which is labeled CVE-2016-4673.

Source: The Hacker News

Report a problem with article
1477468946_screenshot_(26)
Next Article

.NET Core 1.1 Preview 1 now available; adds support for macOS 10.12, Linux Mint 18 and others

shutterstock_289149647
Previous Article

Police nab wannabe dark web hitman

11 Comments - Add comment

Advertisement