Apple Remote Code Execution with Image Files

133 points by amatus, almost 9 years ago

10 comments

mrmondo, almost 9 years ago
I will remind people again that the issue lies within upstream libraries such as libxml and have the potential to affect not just Apple (although everyone loves to target a single brand), but other operating systems and software, remember to keep your software up to date across the board.

Security is everyone's problem.
JonathonW, almost 9 years ago
I was about to post that these exploits should be substantially mitigated by iOS sandboxing (you can get arbitrary code execution, but can't get out of the exploited process's sandbox without a second exploit), but then saw CVE-2016-4627 [1] also in the 9.3.3 release notes, which is a local privilege escalation exploit that allows arbitrary code execution with kernel privileges.

There's not a ton of detail out there on the second exploit, so I'm not sure whether or not they can actually be paired to gain kernel privileges remotely. Still, more than enough reason to take these issues seriously and make sure you upgrade in a timely manner.

[1] http://www.securityfocus.com/bid/91831
cantrevealname, almost 9 years ago
If you run an older version of OS X, does Apple supply security updates? How far back?

I run Mountain Lion (OS X 10.8.5) on one of my systems. For the longest time, whenever I click "Software Update", it says that there are no updates (though it does offer OS X El Capitan as an upgrade).

I can understand that Apple or any company doesn't want to support old software indefinitely, but if security updates *are* available as separate packages--without having to do a major OS upgrade--then you'd think that "Software Update" should offer it!
inertial, almost 9 years ago
> Image files are an excellent vector for attacks since they can be easily distributed over web ...

Reminds me of how easy it was to jailbreak the first iPhone (in 2007) with a malicious image. No computer required.

- Use a quick hack to enable WiFi on a brand new unactivated phone (for which you just paid full price).

- Visit a website with a malicious TIFF file, voila!

The best part: The above jailbreak also claimed that they patched the vulnerability after exploiting it.

http://www.computerworld.com/article/2539680/security0/new-iphone--ipod-touch--jailbreak--app-patches-critical-tiff-bug.html
eridius, almost 9 years ago
Since nobody else has said it yet, it looks like most, if not all, of these vulnerabilities would not have happened were the libraries written in Rust.
stevenh, almost 9 years ago
Which version of iOS is fully patched?

Which version of OS X is fully patched?

Has this even been fixed yet?
late2part, almost 9 years ago
This is legit, kids. Take it seriously and upgrade.
merpnderp, almost 9 years ago
I'm on vacation and only have access to tethered data. Can I just upgrade firefox, or do I need to upgrade OSX?
Bootvis, almost 9 years ago
Has this exploit been seen in the wild?
qwertyuiop924, almost 9 years ago
Quick, someone rebuild jailbreak.me!