iOS Security: Hackers Can Hijack iPhones Using JPEG, PDF Font Files

Apple released the latest updates to iOS, macOS, Apple Picket, and Apple tree Boob tube last night. The latest releases bring a number of regular improvements along with some of import security fixes. One of these fixes includes a patch for an iOS security vulnerability that attackers tin can exploit to take over the target device. All y'all'd demand to do is open a specially crafted JPEG or PDF file and poof! you will requite arbitrary code execution powers to hackers.

iOS security flaws let hackers to hijack using JPEG, PDF and font files

Available for: iPhone 5 and subsequently, iPad quaternary generation and later, iPod impact 6th generation and later (too, macOS Sierra 10.12)

Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution

Description: A retentiveness abuse upshot was addressed through improved retention treatment.

CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent

Other flaws that were patched with the release of iOS 10.i include a remote lawmaking execution bug in WebKit and local code execution vulnerabilities. One of the interesting patched flaws also include a bug that allowed "parsing a maliciously crafted font" that "may disclose sensitive user information."

One patch that is included in both the iOS and macOS releases is CVE-2016-4635. A remote sound eavesdropping vulnerability in FaceTime, Apple was previously assumed to have stock-still the flaw in earlier versions of iOS and OS X. "An aggressor in a privileged network position may be able to crusade a relayed call to continue transmitting audio while appearing equally if the call terminated," the security bulletin said. It is unknown if the latest patch is an update to previous security fix, or if iOS 10 and macOS Sierra were vulnerable to this bug.

After the patches are released to iOS security vulnerabilities, the chance of getting your devices infected also increases. Equally hackers become to learn nigh these vulnerabilities, it becomes absolutely disquisitional for users to install the available security fixes every bit soon as they are released. Head over toSettings >General >Software Updateto install the latest updates.

For more details, visit the complete iOS 10.1 security bulletin, or macOS Sierra ten.12.1.