Posts

iOS 8

Apple has released the latest version of its mobile OS on Wednesday, and in it has fixed over 50 vulnerabilities, many of which are very serious:
Two vulnerabilities allowed a local attacker to escalate privileges and install unverified (likely malicious) applications
A validation issue in the handling of update check responses allowed an attacker with a privileged network position to cause an iOS device to think that it is up to date even when it is not
Two vulnerabilities in CoreGraphics made it possible for a maliciously crafted PDF file to terminate apps or execute arbitrary code
Several vulnerabilities in the IOHIDFamily kernel extension made it posible for a malicious app to read kernel pointers, which can be used to bypass kernel address space layout randomization, or to execute arbitrary code with system privileges (the latter was also made possible by the existence of several IOKit bugs)
A Libnotify bug allowed a malicious application may be able to execute arbitrary code with root privileges
Two Safari vulnerabilities made it possible for attackers and websites to intercept or harvest user credentials
12 WebKit bugs could have been misused by attackers to execute arbitrary code on the device by simply creating a malicious website and tricking users into visiting it.
With iOS 8, Apple has also updated its certificate trust policy and has randomised the MAC address to prevent potential device tracking attacks via passive WiFi scans.

If you can, it’s a good idea to update to iOS 8, because all these bugs remain unpatched in all earlier version of the OS.

More information:
http://www.net-security.org/secworld.php?id=17378
http://support.apple.com/kb/HT6441

iOS 7.0.2 – fixes lock screenvulnerability

iOS 7.0.2 is now available and addresses the following:

Passcode Lock
Available for: iPhone 4 and later
Impact: A person with physical access to the device may be able to
make calls to any number
Description: A NULL dereference existed in the lock screen which
would cause it to restart if the emergency call button was tapped
repeatedly. While the lock screen was restarting, the call dialer
could not get the lock screen state and assumed the device was
unlocked, and so allowed non-emergency numbers to be dialed. This
issue was addressed by avoiding the NULL dereference.
CVE-ID
CVE-2013-5160 : Karam Daoud of PART – Marketing & Business
Development, Andrew Chung, Mariusz Rysz

Passcode Lock
Available for: iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to the device may be able to
see recently used apps, see, edit, and share photos
Description: The list of apps you opened could be accessed during
some transitions while the device was locked, and the Camera app
could be opened while the device was locked.
CVE-ID
CVE-2013-5161 : videosdebarraquito

This update is available through iTunes and Software Update on your iOS device.

OS X Mountain Lion v10.8.4 Security update

Apple have released their latest update for OS X, 10.8.4, which contains the following security updates:

SMB (Write files outside shared directory)
Ruby (Arbitrary Code Execution)
QuickTime (Arbitrary Code Execution)
QuickDraw Manager (Arbitrary Code Execution)
OpenSSL (DoS, decrypting your SSL traffic, and private key disclosure)
Disk Management (a local user can disable file vault)
Directory Service (Arbitrary Code Execution)
CUPS (Read/Write arbitary files with system privileges)
CoreMedia Playback (Arbitrary Code Execution)
CoreAnimation (visiting a webpage can cause Arbitrary Code Execution)

Along with this, a lot of security issues for Safari has been addressed such as being able to log in to previously accessed sites even if Private Browsing was used.

More information:
http://support.apple.com/kb/HT5784

iOS 6.1.3 Released

iOS 6.1.3 has been released, and fixes six security issues (for example the “partly unlock your iphone without entering your code” issue and and a flaw in WebKit that can be used to execute arbitrary code). It’s recommended to update as soon as possible.
You can update by going to Settings, General, Software Update and then download the latest version.

More information:
http://support.apple.com/kb/ht1222
http://nakedsecurity.sophos.com/2013/02/15/unlock-iphone-without-password/

OS X (v10.8.3), Security update 2013-001 and Safari Webkit updated to 6.0.3

Apple has released security updates for OS X (v10.8.3), security update 2013-001 and security updates for Safari Webkit 6.0.3 to address multiple vulnerabilities. The vulnerabilities could potentially allow remote attackers to execute arbitrary code, bypass authentication, leverage additional attacks, cause a denial-of-service condition, obtain sensitive information or have an unexpected application termination or arbitrary code execution by visiting a maliciously crafted website. It is recommended that you update your software to the latest versions through the use of Software Update.

More information:
http://www.apple.com/softwareupdate/
http://support.apple.com/kb/HT5671
http://support.apple.com/kb/HT5672