2021.12.16 : ALL APPLE DEVICES trivial to remotely take over using a clever iMessage text of a malware PDF with a GIF suffix, and in the PDF a black and white JBIG2 malware image with a BUILT IN EMULATED CPU and MEMORY space that can read and write to system RAM in iOS devices to root them!

Posted by smartypants in Tech

2021.12.16 : ALL APPLE DEVICES trivial to remotely take over using a clever iMessage text of a malware PDF with a GIF suffix, and in the PDF a black and white JBIG2 malware image with a BUILT IN EMULATED CPU and MEMORY space that can read and write to system RAM in iOS devices to root them! Thanks, Israeli NSA! Apple is enraged!

NO DEFENSE!!!

You would have to rip out iMessage somehow.

Google Says NSO Pegasus Zero-Click 'Most Technically Sophisticated Exploit Ever Seen'

https://www.securityweek.com/google-says-nso-pegasus-zero-click-most-technically-sophisticated-exploit-ever-seen

Apple Diversity Hires as always, probably created these "weak links". It is trivial to validate the first 8 bytes of a GIF, PNG, or JPG, but not if your first name is La'Quisha.

Your Apple devices already are rooted by many nation states by now!

Hurray for Diversity Hires adding crappy code running at system level on a formerly secure Mach Unix OS.

1

Comments

You must log in or register to comment.

TallestSkil wrote

I mean, it was fixed a while ago, but yes, this seems like something that whites wouldn’t have allowed to happen.

1