Apple patches Stagefright-like vulnerability on iOS, OS X
An equivalent to Android’s Stagefright vulnerability has recently been spotted on iOS and OS X devices. It has since been patched, and security experts from Sophos are urging all Apple users to patch up as fast as they can to protect themselves from the serious flaw.
For those who are unfamiliar with it, Stagefright (in its multiple version) allowed a hacker to take over a victim’s Android smartphone by sending a message with an image or a video file. Long story short, it had something to do with the way Android managed images, and pretty much every Android version you can think of was vulnerable (many of them may still be).
Now, a similar thing happened on Apple’s operating systems, and if you don’t want your device taken over by somebody, you should patch up ASAP.
"It seems that Stagefright has come to Macs and iPhones, after a fashion", Sophos’ Paul Ducklin writes in a blog post. Ducklin compares ImageIO to Google’s libstagefright, Android’s multimedia software component which enabled the vulnerability.
“We sometimes hear from people who naively assume that once they get really out date, for example by sticking with Windows XP, even their exploitable vulnerabilities go stale and out of fashion; not so here", Ducklin adds. "Even if iOS malware were to take over just your Messaging app, and be constrained by iOS’s sandboxing to messaging data only, you could have plenty of personal information at stake".
Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.