A Cisco researcher has just found out that hackers can sneak into iOS or Mac devices, gaining control over the internal storage and passwords by using just a single image file. Using this vulnerability, hackers can even control Macs, which don’t support sandboxing, remotely.
Being referred to as “Apple Remote Code Execution With Image Files”, this vulnerability can be exploited by hackers to land into iOS, Mac OS X, tvOS, and watchOS systems using The Tagged Image File Format (TIFF). A TIFF image can specially be crafted so as to contain a Malware (Malicious Software). The image then can be sent by any means to the victim or it can just be placed on a web page to which the victim could be directed.
Tyler Bohan of Cisco Talos, mentions on his blog, “When rendered by applications that use the Image I/O API, a specially crafted TIFF image file can be used to create a heap-based buffer overflow and ultimately achieve remote code execution on vulnerable systems and devices.”
In order to protect themselves, users need to update their operating systems to the latest versions (i.e iOS 9.3.3, El Capitan 10.11.6, tvOS 9.2.2 and watchOS 2.2.2).
TIFF is a useful format, particularly famous among photographers and graphic designers who use it to save the image without losing any of the image’s data. This specialty causes the size to get relatively bigger.
Image — Business Insider
The Sindh Assembly was informed that over 28,500 employees of the provincial government were unlawfully…
The Monetary Policy Committee (MPC) of the State Bank of Pakistan decided to cut the…
The Securities and Exchange Commission of Pakistan (SECP) is organizing the Pakistan Startup Summit, which…
On October 31, 2024, Halloween was celebrated worldwide, and the holiday spirit still lingers. Pakistan…
Pakistan Suzuki Motor Company (PSMC) has announced the discontinuation of the widely favored Graphite Grey…
According to the most recent Henley Passport Index, Pakistan's passport is still one of the…
Leave a Comment