Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Security Flaws in Apple OS X and iOS

 

Systems Affected


Apple OS X
Apple iOS

Threat Level


Medium


Overview


Six university researchers have revealed four vulnerabilities affecting Apple OS X and iOS. These vulnerabilities could allow attackers to steal passwords and other credentials if successfully exploited.


Description


The vulnerabilities are:

1.Password stealing vulnerability
Allows a malicious app to steal the credentials that the user has entered in to the keychain when the user accesses the affected app.

2.Container cracking
Allows a malicious app to gain access to the secure container belonging to another app and steal data from it.

3.IPC interception
Allows a malicious app to claim the network port used by a legitimate application and intercept data intended for it, such as password or other sensitive information.

4.Scheme hijacking
Allows a malicious app to steal access tokens and passwords.


Impact


Passwords, authentication tokens and other sensitive and private information could be stolen if one of the vulnerabilities is successfully exploited.


Solution/ Workarounds


  ✻  Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.


References


https://drive.google.com/file/d/0BxxXk1d3yyuZOFlsdkNMSGswSGs/view?pli=1
http://www.imore.com/depth-look-ios-os-x-xara-vulnerabilities
http://www.imore.com/xara-exploits-mac-iphone-and-ipad-and-what-you-need-know
http://www.theregister.co.uk/2015/06/17/apple_hosed_boffins_drop_0day_mac_ios_research_blitzkrieg/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.