Anyone can send you a text or iMessage (whatever that is) with a crafted
WebP image and p0wn your whole device: no clicks or user interaction required.
Quick comment on this. iOS 16 added a "lockdown mode" feature https://support.apple.com/en-us/HT212650, which disables a bunch of device features likely to be used for 0 days like this one.
Notable quote relating to the iMessage attack vector:
"Apple’s Security Engineering and Architecture team has confirmed to us, that Lockdown Mode blocks this particular attack."
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/#:~:text=We%20believe%2C%20and%20Apple%E2%80%99s%20Security%20Engineering%20and%20Architecture%20team%20has%20confirmed%20to%20us%2C%20that%20Lockdown%20Mode%20blocks%20this%20particular%20attack.
If you're the type of person who reads CVE pages, you should consider enabling lockdown mode. I've had it enabled since the day it was released with no major issues.
On Wed, Oct 4, 2023 at 9:18 PM Trevor Cordes <trevor@tecnopolis.ca> wrote:
On 2023-10-05 Adam Thompson wrote:
Err... all the UNIX versions of Chrome are vulnerable, too. And iOS and iPadOS both still use a heck of a lot of FreeBSD kernel and libc, under the hood.
-Adam
Ya, but the main point is the no-click no-action "push" aspect of the vulnerability unique to *phones*. Hacker can text you something you have no control over and BOOM. So the browser and other client stuff is a bit less critical.
The chatter on this bug is that a lot of iOS devices in the wild IRL got hit with this hack to install Pegasus spyware. Of course, you'd never know at all that you were one of those...
Not sure if Android has the same vulnerability -- you'd think it does? But the stuff I'm seeing blasted all over the place is Apple specific. Maybe they just hate Apple.