BestOfGeeks: Warning Your iPhone Can Get Hacked Just by Opening a JPEG Image or PDF or Font File 

Warning Your iPhone Can Get Hacked Just by Opening a JPEG Image or PDF or Font File


Noredine BAHRI
Noredine BAHRI
  • Technical Writer
  • Entrepreneur
  • Founder and CEO
  • Developer
  • Blogger and IT Analyst
2016-10-30 20:50:03

| Share
| Share
| Share
Warning Your iPhone Can Get Hacked Just by Opening a JPEG Image or PDF or Font File

What's worse than knowing that innocent looking JPEGs, PDFs and font files can hijack your iPhone, iPad, and iPod.

Yes, attackers can take over your vulnerable Apple's iOS device remotely – all they have to do is trick you to view a maliciously-crafted JPEG graphic or PDF file through a website or an email, which could allow them to execute malicious code on your system.

That's a terrible flaw (CVE-2016-4673), but the good news is that Apple has released the latest version of its mobile operating system, iOS 10.1, for iPhones and iPads to address this remote-code execution flaw, alongside an array of bug fixes.


And now that the company has rolled out a security patch, some hackers would surely find vulnerable Apple devices to exploit the vulnerability and take full control of them.

So, users running older versions of iOS are advised to update their mobile devices to iOS 10.1 as soon as possible.

Besides this remote code execution flaw, the newest iOS 10.1 includes security updates to address 11 security flaws in the firmware for the iPhone, iPad, and iPod Touch.

Those flaws include local code execution vulnerabilities, a remote code execution bug in WebKit (CVE-2016-4677), a flaw in contacts (CVE-2016-4686) that would allow an application to pull Address Book details even when access has been revoked.

To update your iOS device go to Settings → General → Software Update.


 

Security Updates for Mac, Apple Watch, and AppleTV


Apple has also released security updates for Mac PCs, Apple Watches and Apple TVs.
 

So, Mac users are advised to update their system to macOS Sierra (10.12.1), which includes security fixes for 16 CVE-listed vulnerabilities.

Those weaknesses include an image-handling bug (CVE-2016-4673), a denial of service (DoS) error in Nvidia graphics card drivers, a bug that exposed the length of user passwords and Remote Code Execution (RCE) flaws that could be triggered by font files and PDF files, among others.

Meanwhile, Apple Watch users are recommended to update their devices to watchOS 3.1, which includes fixes for 8 security flaws.

Those flaws include 2 vulnerabilities in sandbox profiles that could allow third-party apps to view image libraries and sound files without permission.

AppleTV users are also advised to update their devices to tvOS 10.0.1, which includes patches for 10 vulnerabilities, including the WebKit remote code execution flaw, the sandbox profiles flaws, and the CoreGraphics JPEG flaw.

So get your Apple device patched before getting caught by hackers.


WTF is the dark web?
WTF is the dark web?
WTF is the dark web?

.
First trailer Rampage : New Adventure For The Rock fights giant beasts
First trailer Rampage : New Adventure For The Rock fights giant beasts

Sit back, relax and watch the 30-foot wolf and 1,000-pound gorilla wreck Chicago as the 1986 arcade game comes to life.   (adsbygoog


First trailer Rampage : New Adventure For The Rock fights giant beasts
The 4 Best Eating Plans You Need in Place This Thanksgiving

In the week leading up to Thanksgiving, I talk to many patients about how to approach the big day in a way that balances their two competing prioritie


First trailer Rampage : New Adventure For The Rock fights giant beasts
USA Senators troll Facebook with fake ad campaign

Senators Mark Warner (Va.) and Amy Klobuchar (Minn.) created a Facebook page for a fictional political group — Americans for Disclosure Solution


First trailer Rampage : New Adventure For The Rock fights giant beasts
10 Picture Of The Newest Lamborghini Most Outrageous Super Extreme Idea

he newest, most outrageous, “super extreme” idea from Lamborghini is a box. Well, metaphorically. The Italian supercar giant unveiled a


First trailer Rampage : New Adventure For The Rock fights giant beasts
Apple tactics to let developers offer discounts on in-app subscriptions

Apple plans to give developers more freedom over the introductory pricing levels of in-app subscriptions. As referenced in the iOS 11.2 beta release n


First trailer Rampage : New Adventure For The Rock fights giant beasts
SAMSUNG Given $120 M To APPLE in slide-to-unlock patent battle

After many years of fighting in the courts, Apple has finally claimed victory over Samsung to the count of $120 million. The case revolved aro



© 2013-2017 best of geeks. All rights reserved.