The Other Apple Announcement, A Fix For A Zero-Click iMessage Bug

Source: The Register The Other Apple Announcement, A Fix For A Zero-Click iMessage Bug

Patch That Unhackable iOS Device Before You Get … You Know

Amongst the hype of new iWatches, iPads and other shiny new iThangs it is possible you missed hearing about two bugs which Apple has just released patches for.  If you did miss that message, or simply haven’t acted on it you should get updating ASAP as neither bug is good to have.  There are attackers on the internet current exploiting both vulnerabilities, so the sooner the better.

The first is yet another co-click iMessage bug which will run code after you receive a malformed PDF document in iMessage.  You don’t even have to click anything to get infected, receiving the iMessage is enough to trigger the integer overflow and execute code.  The second involves Apple’s WebKit rendering engine, a malformed website can make use of a use-after-free vulnerability to execute arbitrary code on your device, again without you needing to interact with anything.

PC users should also peek at updates for Chrome as The Register’s article suggests, to avoid a set of vulnerabilities in that browser as well.

Apple on Monday issued security patches for its mobile and desktop operating systems, and for its WebKit browser engine, to address two security flaws, at least one of which was, it is said, used by autocratic governments to spy on human rights advocates.

Video News

About The Author

Jeremy Hellstrom

Call it,, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!