/ Unlabelled / Vulnerability in OS X and iOS allows "crash" apps - Tech & Net

Vulnerability in OS X and iOS allows "crash" apps - Tech & Net

Posted by Unknown Minggu, 01 September 2013 0 komentar

Android is the target of several attempts of malware contamination in contrast to what happens on the Apple iOS platform. But that does not mean that Apple devices such as the iPhone and iPad, are immune to cyber threats. An article in the Russian site Habrahabr.ru draws attention to a very serious vulnerability that allows hackers to remotely crash applications on iOS 6, or even render them unusable.

discovered vulnerability is caused according to Hacker News community by a bug in the component font rendering Apple known as CoreText. Although the original site stating that the vulnerability is in web rendering engine “WebKit”, this is just one of the components affected because it uses CoreText to render text. The vulnerability affects all operating systems from Apple (including both the Mountain Lion OS X and earlier versions).

According to the information put forward by the Russian site to take advantage of this vulnerability can simply expose OSX or iOS apps to a large set of combinations of certain text strings malicious. This type of attacks commonly termed as DoS (Denial-Of-Service) intend to deny access to resources or apps to its users / members.

In particular, this type of attack can have more serious consequences due to being able to send one of the text strings by malicious SMS or iMessage app for any iPhone, iPad, iPod Touch and Mac Any of the above devices receive the message are repeatedly forced to crash those applications that process it difficult, or even impossible the reception of other legitimate messages.

The source of this news, the Safari browser is also confirmed as one of the software that is vulnerable to this bug. This attack can also be done effectively in a wireless environment. For example, a hacker can assign a name to a Wi-Fi network with a malicious text sequences, in order to trigger an error on an Apple device that is just searching for networks. This last attack scenario although it seems a bit unusual, takes advantage of the fact that the sequence must always be processed when either system (iOS or OS X) builds processes the list of wireless networks in order to show it to the user / user.

article of the site is asserted that Apple is aware of this vulnerability about six months and still do not bother to fix the vulnerability in any of its operating system available. The author notes, however, that the beta versions of iOS and OS X 7 Mavericks are apparently not affected by the bug.

It is interesting to note that is not the first time that this type of attack happens in Apple systems. In February this year, had discovered it required only 8 characters to crash a set of applications in OS X. Apparently these errors seem to come from the same component.

Via Hacker News
Source: Habrahabr.ru (Translated)

TERIMA KASIH ATAS KUNJUNGAN SAUDARA
Judul: Vulnerability in OS X and iOS allows "crash" apps - Tech & Net
Ditulis oleh Unknown
Rating Blog 5 dari 5
Semoga artikel ini bermanfaat bagi saudara. Jika ingin mengutip, baik itu sebagian atau keseluruhan dari isi artikel ini harap menyertakan link dofollow ke https://apk-zenonia5.blogspot.com/2013/09/vulnerability-in-os-x-and-ios-allows.html. Terima kasih sudah singgah membaca artikel ini.
Categories:

If You Like This Post, Share it With Your Friends

0 komentar:

Posting Komentar

Trik SEO Terbaru support Online Shop Baju Wanita - Original design by Bamz | Copyright of apk zenonia 5.
Diberdayakan oleh Blogger.