Feeds

Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit

Plus: iThings and desktops at risk of NEW SSL attack flaw

Build a business case: developing custom apps

Apple has released updates to its iOS and OS X operating systems that address serious security flaws.

The company said the iOS 7.1.1 upgrade will include, as well as some stability updates, fixes for 19 security flaws.

One of those vulnerabilities is a "triple handshake" error in iOS SecureTransport – which is part of the OS that provides SSL/TLS encryption for stuff sent across the internet. The flaw, which also affects OS X 10.8.5 and 10.9.2, effectively allows a network snooper to maliciously inject data into a supposedly secure connection.

According to Apple, the bug allows an eavesdropper "to establish two [SSL] connections which had the same encryption keys and handshake, insert the attacker's data in one connection, and renegotiate so that the connections may be forwarded to each other".

Also fixed were a flaw in IOKit that leaked kernel pointers – handy for jailbreaking tools – and a possible login cookie disclosure flaw in the iOS HTTPProtocol component. According to Apple: "Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie."

Leveraging the IOKit bug requires the attacker, or jailbreaker, to be running code on the vulnerable device, whereas the SecureTransport and HTTPProtocol flaws can be exploited be anyone managing a point along the network chain, such as an evil Wi-Fi point in a cafe.

WebKit bugs affecting iOS Safari app and others

Meanwhile in the iOS 7.1.1 update, 16 WebKit flaws are fixed, many of which were previously addressed by Apple for the desktop version of the Safari web browser earlier this month. Much like that desktop patch, the iOS update credits discovery of 10 of the flaws to members of Google's security team.

The worst of the WebKit flaws could allow an attacker to remotely execute code on an iThing that visits a maliciously crafted web page. Some resourceful modders have in the past used such flaws to streamline the jailbreaking process on iOS devices.

The iOS 7.1.1 update can be applied to gadgets running iOS 7.1, including iPhone 4 and later models, iPad 2 or later, iPad mini, and iPod touch 5th generation and later. Users can obtain the update in iOS at Settings > General > Software Update component.

Along with that bug-squashing come stability fixes for the fingerprint-recognizing Touch ID, improve on-screen keyboard responsiveness, and resolves a compatibility issue between Bluetooth keyboards and the VoiceOver screen-reading capability.

OS X security updates

Users running OS X should also update their Macs. Apple released a separate security update for OS X which addresses the aforementioned HTTPProtocol, IOKit and severe SecureTransport SSL flaws, along with 10 other fixes for vulnerabilities in components of OS X Mountain Lion (10.8) and Mavericks (10.9), which could allow for elevation of privilege and remote code execution.

On computers running OS X 10.8.5, opening a PDF with specially crafted font data could result in remote-code execution or a crash – effectively allowing miscreants to hijack Macs by sending over dodgy documents to victims. OS X 10.9.2 can be pwned by opening a malicious JPEG thanks to a buffer overflow bug in the operating system's ImageIO component.

A bug in CoreServicesUIAgent on OS X 10.9.2 allows hackers to execute code on victims' machines by making them click on a special URL. The tech giant admitted: "A format string issue existed in the handling of URLs. This issue was addressed through additional validation of URLs."

The Intel Graphics Driver on OS X 10.8.5 and 10.9.2 doesn't validate a pointer from userspace properly, allowing an application running on a vulnerable system to take control of the Mac. Keypresses are now ignored while the machine goes to sleep in OS X 10.9.2, allowing the system to lock properly.

And last, but not least, Apple says "maliciously crafted applications can execute arbitrary code outside the sandbox", thanks to a flaw in WindowServer. Mac users should patch as soon as possible now that these bugs are known. ®

The Essential Guide to IT Transformation

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.