Wow!! That is pretty fuc*ed up: Impact: Processing an image may lead to arbitrary code execution
The very first jailbreak was from a similar exploit, so all someone has to do was visit a website via safari, drag the ever so familiar slide to unlock slider across, triggering the said image to be loaded, and jailbreak the device.
Render time arbitrary execution bugs have also existed in fonts and other benign sounding media types, on all OS and platforms. This is really not that special and is just another high impact security bug that got patched.
It would load a PDF in safari. Back in the good old days of jailbreak.me.
I thought it was reference to tiff in a png? It's been far too long, but you're right, PDF was certainly also a vector in a slightly later incarnation I remember :)
Just a rule of thumb; ALWAYS update your perpetually-connected internet devices when new security updates are pushed.
to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!
Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple
Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode
Community banner courtesy of u/Antsomnia.