The security experts also explained that the “vulnerability is potentially exploitable through methods that do not require explicit user interaction”. There are many applications on Apple devices that render images by using this specific API, including Apple’s Mail, iMessages and Safari apps.
Advertisement
A terrible security flaw was recently found this week in Mac and iPhone, which enables hackers to gain unauthorized access to your tech device(s).
Image formats that can be used to exploit these vulnerabilities are tiff (tagged image file format), bmp (bitmap), dae (digital asset exchange), and OpenEXR. Updating to OS X 10.11.6 and iOS 9.3.3 addresses the issue, and Security Update 2016-004 patches the flaw for OS X Mavericks 10.9.5 and OS X Yosemite 10.10.5.
The company is warning of an unusual vulnerability right now, that can allows a hacker to get into your phone with an infected email or message.
The security bug on Android has been eventually patched.
However, there is one crucial difference between Android’s Stagefright and Apple’s newly discovered weakness. Where Apple controls all updates for its devices, Google is often at the mercy of service providers who decide when-or if-Android device users will get updates.
Cisco did not release details of the vulnerability until it was patched by Apple, but you should ensure all your devices are running the latest versions to ensure you are protected.
However, if you’re a user of Apple, be assured that your device will automatically notify and download updates to keep you safe from such malicious bugs.
The good news is that Apple did patch the image exploit before it had a chance to become more than a proof of concept, and the Talos crew waited until the patch was out to publish their findings.
Advertisement
Cisco managed to showcase how the vulnerability affects OS X, and stated that the similarity with iOS’ code might make the mobile device just as exposed to threats. Since Apple has its own application store, it has an edge in detecting many vulnerabilities unlike Android which has many third parties.
