Apple fixes bug that lets hackers take control of iPhone, Apple Watch and Mac

The CoreGraphics bug allowed hackers to take over Apple devices just by showing a picture

Apple's latest update fixes a bug that lets hackers take over iPhones, iPads and Macs after showing a picture to users.

The bug, called CoreGraphics, and was disclosed yesterday by security specialist Marco Grassi, of Keen Lab.

In an advisory on Apple's support forum, the tech giant warned that the flaw allows hackers to create a jpeg file that takes advantage of a memory bug, running code on the user's device when it displays a hacked picture.

All it took was for users of an Apple device to open a jpeg or PDF file that contained the malicious code, and hackers would be allowed control over their device.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Attackers could launch the attack remotely, with no form of authentication required.

Apple's iOS 10.1 software update contains a fix for this bug, and is available for iPhone 5 and later generations of iPhones, iPad 4 and later generations, and iPod touch 6 and later generations.

Other updates for Apple watchOS, macOS and tvOS also appear to solve the problem.

For those running iOS, the release includes updates that tackle 12 CVE-listed security vulnerabilities.

IT Pro approached Apple for comment, but had received none at the time of publication.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/business-strategy/33311/apple-launches-new-tv-gaming-and-finance-services
Business strategy

Apple launches new TV, gaming and finance services

25 Mar 2019
Visit/hardware/laptops/354509/apple-macbook-pro-16in-review-a-little-bigger-a-lot-better
Laptops

Apple MacBook Pro 16in review: A little bigger, a lot better

10 Jan 2020
Visit/mobile/23617/the-best-smartphones-to-buy
Mobile

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

24 Dec 2019
Visit/hardware/354336/the-it-pro-products-of-the-year-2019-all-the-years-best-hardware
Hardware

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/microsoft-windows/354526/memes-and-viking-funerals-the-internet-reacts-to-the
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020
Visit/network-internet/broadband/354530/openreach-offers-free-full-fibre-installation-for-thousands-of
broadband

Openreach offers free full-fibre installation for thousands of homes

14 Jan 2020