iOS 9.3.3 Fixes Critical Security Flaw: Details inside


#1

iOS 9.3.3 Fixes Critical Security Flaw That Could Allow Password Theft: Just One Text Can Steal Your iPhone Passwords

Apple has already patched this loophole in iOS 9.3.3, which is yet another reason to ensure all iPads and iPhones are updated to the latest version of iOS in a timely manner always. With iOS 10 just around the corner – September is the expected release month – that too will contain the patch for this particular exploit.

What is it?

  • iOS users should be wary of a security hole that could allow hackers to gain access to a device remotely, giving them a door through which passwords could be stolen.
  • Those who are at risk, and subsequently targeted, could see Wi-Fi passwords as well as any password entered via Safari be compromised.
  • The same security hole is said to be found within Mac OS X, tvOS and watchOS, meaning all of Apple’s operating systems are, or at least were, vulnerable.

How it works?
·
“Cisco Talos senior security researcher Tyler Bohan found the critical bug in ImageIO, which is used to handle image data. An attacker could create an exploit – a little program that takes advantage of vulnerabilities – and send it via a multimedia message (MMS) inside a Tagged Image File Format (TIFF). Once received, the hack would launch. The user would have no chance of detecting the attack, which would begin to write code beyond the normal permitted boundaries of an iPhone’s texting tool.”

What you need to do?

  • If you want to be completely safe from this exploit, you will have to make sure you update all your Apple devices to latest versions of iOS 9.3.3, tvOS, watchOS and OS X as Apple’s latest release includes a patch for this critical security flaw.

Source