Security PSA: Update your iPhone, iPad, and Mac now

Cisco's Talos security team has identified a number of exploits that affect both Apple's iOS and Mac OS X devices, and potentially enable hackers to remotely execute malicious code through the use of image files. Apple has however already released software updates for both iOS and Mac OS X that address these vulnerabilities.

iOS 9.3.3 and OS X 10.11.6 are the updates that you'll want to install if you have an iPhone, iPad, or a Mac. iOS devices can be updated by opening the Settings app, tapping on General, and selecting Software Update. Macs can be updated through the App Store app.

While the vulnerabilities discovered by the Talos team affect BMP, TIFF, OpenEXR, Digital Asset Exchange files, experts suggest that the bug isn't necessarily easy to exploit in a reliable way. Comparisons have been made to Stagefright (a similar vulnerability found in Android, which would hackers to hijack a phone via MMS), but an iMessage / MMS vector of attack on iOS has yet to be proven.

The Talos team was however able to however create a proof of concept to exploit the vulnerability through images rendered in Safari on OS X.

Though the risk might not be massive at present, it's always a good idea to keep the software on your phones, tablets, and PCs up to date.

Post Horizontal Banner




Leave a Reply

Your email address will not be published.