Notes
Notes - notes.io |
Talos researcher Tyler Bohan has apparently shown five remote code execution vulnerabilities in OS X in TIFF, OpenEXR (which has two vulnerabilities), XML-based Digital Asset Exchange and even the humble BMP.
Bohan calls the TIFF vulnerability "especially concerning" as it can be triggered in any application that makes use of the Apple Image I/O API when rendering tiled TIFFS (i.e. quite a lot). Web pages, MMS and iMessages all do this.
The exploit can also be achieved without any direct user interaction, such as by iMessages which are automatically rendered on a device on arrival.
OpenEXR's exploit involves using the flexibility of the image format, which was developed by Industrial Light and Magic, to make Apple Image I/O write image information outside the designated memory buffer. This can allow remote code execution.
Meanwhile, Digital Asset Exchange files can be specially created and sent to Apple's 3D graphics framework SceneKit, but interpreted as another file type entirely.
"In these circumstances it is possible to perform operations on the incorrectly typed object that accesses out of bounds memory. This vulnerability can be exploited to then cause remote code execution on the device," said Bohan.
Bitmaps, despite their almost prehistoric structure, can be exploited to misreport size information and cause an out of bounds memory write, again resulting in code execution when combined with an application using Apple Core Graphics API.
Sophos' Paul Ducklin has also sounded his security alarm, likening the exploit to Stagefright.
"Well, it seems that Stagefright has come to Macs and iPhones," he said. "The bottom line, therefore, is that your iDevice or Mac is almost certainly vulnerable if you haven’t installed the very latest update yet."
OS X Mavericks 10.9.5, Yosemite 10.10.5 and El Capitan 10.11.5 are the main victims of these exploits, but Digital Asset Exchange also has problems with El Capitan 10.11.4.
Apple iOS version 9.3.2, as well as watchOS 2.2.1 and even tvOS 9.2.1, are affected as far as iOS devices go.
Apple has released iOS 9.3.3 to squash the bug., and the Talos advice is to upgrade as soon as possible. These are fairly sticky exploits, particularly the TIFF one that requires no human intervention to execute.
And don't forget that iOS 10 is coming soon. Here's how to access the public beta. μ
|
|
Notes.io is a web-based application for taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000 notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 12 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team
