Essential security updates for Mac and iOS

Posted in: Apple, Computing Services, Security

A critical vulnerability affecting both Apple iOS and OS X has been discovered that could attack a device simply through opening an infected image file.

It is important that you update your Apple hardware as soon as possible so as to protect yourself from being affected by this vulnerability. We'd like to stress that at this stage, this is merely a proof-of-concept and there's no evidence to suggest that this exploit has thus far, been used in the wild, but it's likely to only be a matter of time before this vulnerability is exploited, so get patching today in order to keep your devices and data protected.

It is comparable in terms of its severity and ease-of-infection to last year's Android vulnerability called Stagefright, which was described as "the worst Android vulnerability ever". Apple have released a fix in versions iOS 9.3.3, El Capitan 10.11.6, tvOS 9.2.2 and watchOS 2.2.2 but it is believed to be present in all previous versions, so the number of affected devices is significant.

The vulnerability was discovered by Cisco Talos who released the information to Apple so that they could fix the vulnerability before the information was made public to the world. A potential attacked could use a wide range of routes including iMessages, malicious web pages, MMS messages, or other malicious file attachments opened by any application that makes use of the standard Apple Image rendering library. More details are on this blog post.

 

 

Posted in: Apple, Computing Services, Security

Respond

  • (we won't publish this)

Write a response