Apple fixes bug that lets hackers take control of iPhone, Apple Watch and Mac

The CoreGraphics bug allowed hackers to take over Apple devices just by showing a picture

A close up shot of a MacBook keyboard

Apple's latest update fixes a bug that lets hackers take over iPhones, iPads and Macs after showing a picture to users.

The bug, called CoreGraphics, and was disclosed yesterday by security specialist Marco Grassi, of Keen Lab.

In an advisory on Apple's support forum, the tech giant warned that the flaw allows hackers to create a jpeg file that takes advantage of a memory bug, running code on the user's device when it displays a hacked picture.

All it took was for users of an Apple device to open a jpeg or PDF file that contained the malicious code, and hackers would be allowed control over their device.

Attackers could launch the attack remotely, with no form of authentication required.

Apple's iOS 10.1 software update contains a fix for this bug, and is available for iPhone 5 and later generations of iPhones, iPad 4 and later generations, and iPod touch 6 and later generations.

Other updates for Apple watchOS, macOS and tvOS also appear to solve the problem.

For those running iOS, the release includes updates that tackle 12 CVE-listed security vulnerabilities.

IT Pro approached Apple for comment, but had received none at the time of publication.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Apple doubles down in the US with $430 billion investment
business intelligence (BI)

Apple doubles down in the US with $430 billion investment

27 Apr 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
Apple patches exploited iOS and macOS WebKit flaws
zero-day exploit

Apple patches exploited iOS and macOS WebKit flaws

4 May 2021
Component shortage bites Apple, but M2 chip could still arrive soon
Hardware

Component shortage bites Apple, but M2 chip could still arrive soon

30 Apr 2021

Most Popular

Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021