Second Stagefright Attack (Averted?)

A serious vulnerability was discovered today with a common picture file type called “Tagged Image File Format, or TIFF.  It is an older type of file, but you probaly have many of then somewhere in your computer right now.  Every now and then, a new way to hack a computer is discovered before any bad guys figure it out. Thankfully, that happened in this case.

The vulnerability was reported yesterday by Tyler Bohan of Cisco Talos.   He said:

The Tagged Image File Format (TIFF) is a file format that is popular with graphic artists, photographers and the publishing industry because of its ability to store images in a lossless format. TIFF was created to try to establish a common scanned image file format in the mid 1980s. Cisco Talos has discovered a vulnerability in the way in which the Image I/O API parses and handles tiled TIFF image files. When rendered by applications that use the Image I/O API, a specially crafted TIFF image file can be used to create a heap based buffer overflow and ultimately achieve remote code execution on vulnerable systems and devices.

Image files are an excellent vector for attacks since they can be easily distributed over web or email traffic without raising the suspicion of the recipient. These vulnerabilities are all the more dangerous because Apple Core Graphics API, Scene Kit and Image I/O are used widely by software on the Apple OS X platform.

Tyler Bohan of Cisco Talos

Good news is: it’s already fixed. The catch is, you must run the latest update on every computer you own.

Take the next 5 minutes and do this:

Macbook:
https://support.apple.com/en-us/HT201541

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s