- Khloé Kardashian angers followers with a calorie-counting joke about True 3 Years Ago
- Spider-Man may no longer be part of the Marvel Cinematic Universe 3 Years Ago
- Robert De Niro’s company is suing ex-employee for binge-watching Netflix at work Today 4:41 PM
- Intentionally misgendering a character could get you banned from Borderlands 3 Today 4:06 PM
- Facebook pulls Trump re-election ad for targeting ‘strong women’ Today 4:03 PM
- Kamala Harris says she will restore net neutrality if elected Today 3:16 PM
- All 8 of the ‘Rocky’ movies, ranked Today 2:50 PM
- Everything you need to know about the Facebook conservative bias report Today 2:35 PM
- Study links emoji use to more sex Today 2:10 PM
- The chicken sandwich war is in full throttle on Twitter Today 1:47 PM
- Netflix’s ‘Sextuplets’ proves Marlon Wayans is no Eddie Murphy—or even Mike Myers Today 1:31 PM
- Facebook is finally rolling out its clear history tool Today 1:13 PM
- ‘Theater etiquette’ tweets surge after YouTuber cast in ‘Waitress’ Today 12:55 PM
- A GoFundMe for Eric Garner’s killer has raised more than $70,000 Today 12:49 PM
- YouTuber finds GoPro footage of man who drowned in 2017 Today 12:20 PM
This is the Apple security flaw you should actually be worried about
Don’t worry, Apple’s release of iOS 9.3 patches up this unfortunate hole.
On Monday, the University of Johns Hopkins published a report revealing a flaw in Apple’s iMessage service. It was resolved the same day with the release of iOS 9.3, but a bigger, more dire flaw exists within this week’s disclosures that would allow a hacker remote code execution over Wi-Fi. The bug, ID CVE-2016-0801, is described as:
The Broadcom Wi-Fi driver allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets.
This means that hackers connected to your Wi-Fi network could infiltrate your device and begin executing harmful code. It’s the same security lapse that, up until last month, was present on Android Nexus devices. Google considered the issue to be critical:
Multiple remote execution vulnerabilities in the Broadcom Wi-Fi driver could allow a remote attacker to use specially crafted wireless control message packets to corrupt kernel memory in a way that leads to remote code execution in the context of the kernel. These vulnerabilities can be triggered when the attacker and the victim are associated with the same network. This issue is rated as a Critical severity due to the possibility of remote code execution in the context of the kernel without requiring user interaction.
There has been a lot of discussion surrounding the security of Apple devices with its ongoing fight against the FBI and encryption policies. Thankfully, Apple hasn’t been too bogged down with that to roll out a patch for this issue in the iOS 9.3 update that first became available midday on Monday. If you haven’t yet updated to the latest version of iOS, now would definitely be the time to do so.