Apple fixes bug that lets hackers take control of iPhone, Apple Watch and Mac

The CoreGraphics bug allowed hackers to take over Apple devices just by showing a picture

Apple's latest update fixes a bug that lets hackers take over iPhones, iPads and Macs after showing a picture to users.

The bug, called CoreGraphics, and was disclosed yesterday by security specialist Marco Grassi, of Keen Lab.

In an advisory on Apple's support forum, the tech giant warned that the flaw allows hackers to create a jpeg file that takes advantage of a memory bug, running code on the user's device when it displays a hacked picture.

All it took was for users of an Apple device to open a jpeg or PDF file that contained the malicious code, and hackers would be allowed control over their device.

Advertisement
Advertisement - Article continues below

Attackers could launch the attack remotely, with no form of authentication required.

Apple's iOS 10.1 software update contains a fix for this bug, and is available for iPhone 5 and later generations of iPhones, iPad 4 and later generations, and iPod touch 6 and later generations.

Other updates for Apple watchOS, macOS and tvOS also appear to solve the problem.

For those running iOS, the release includes updates that tackle 12 CVE-listed security vulnerabilities.

IT Pro approached Apple for comment, but had received none at the time of publication.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/business-strategy/33311/apple-launches-new-tv-gaming-and-finance-services
Business strategy

Apple launches new TV, gaming and finance services

25 Mar 2019
Visit/hardware/33929/jony-ive-a-retrospective
Hardware

Jony Ive: A retrospective

29 Nov 2019
Visit/hardware/34606/apple-ipad-102in-2019-review-the-ipad-grows-up
Hardware

Apple iPad 10.2in (2019) review: The iPad grows up

10 Oct 2019
Visit/hardware/30623/apple-imac-pro-review-the-return-of-the-king
Hardware

Apple iMac Pro review: The return of the king

2 Sep 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019