Wednesday, September 27, 2017

Apple devices are susceptible to hacking through MMS

Tyler Bohan, a senior security researcher at Cisco Talos, discovered a serious new vulnerability in Apple devices, tracked as CVE-2016-4631. It resides in ImageIO, an API used to process image data in all Apple operating systems, including iOS, macOS, watchOS and tvOS. With this vulnerability, attackers can use a specially crafted message to access the user's personal information, including authentication data, stored in the device's memory. This means that an attacker can obtain information about Wi-Fi networks and accounts, as well as e-mail addresses, logins and their passwords. In many ways CVE-2016-4631 resembles the Stagefright vulnerability for Android.
The device is infected when the user is sent malicious code encrypted inside a Tagged Image File Format (TIFF) file, in an MMS via iMessage or through the Safari browser. Once the victim receives such a message, the virus begins its work. No action is required from the user, because applications automatically process images on receipt, and it is at this point that the malicious code runs. The most dangerous aspect of the virus is that such an attack is extremely difficult to detect.
Tyler Bohan said that this vulnerability is extremely critical. The user cannot in any way prevent the receipt of an MMS and the launch of the malicious code. It is enough for an attacker to send such a message to the victim, and the virus will start working as soon as the device is in the coverage area of the mobile network.
It's worth noting that iOS has built-in protection against malicious code, so an attacker needs a jailbreak or superuser rights to gain full control over the mobile device. macOS has no such protection, so absolutely all of its users are exposed to this type of attack.
The good news is that the vulnerability has already been closed in iOS 9.3.3, so all Apple smartphone users should install this update as soon as possible.
