Apple Releases Fix for iOS
Thursday, July 2, 2015 @ 04:07 PM gHale
Apple’s release of iOS 8.4 addresses over 30 security issues with most fixing potential arbitrary code execution problems.
Code ended up revised by Apple for Safari’s browser engine, the WiFi manager, the SQLite library, Safari, Mail, the OS kernel, FontParser, coreTLS, and CoreText.
Apple fixed an issue with Logjam, which allowed a man-in-the-middle attack that could lower the security of the Diffie-Hellman cryptographic key exchange mechanism to a weaker version.
Another fix relates to rogue SIM cards that could deliver malicious payloads, which could lead to execution of arbitrary code on the device. That flaw ended up reported by Matt Spisak of Endgame.
Also patched are several memory corruption problems that occurred when certain CoreText processes text files.
A memory management issue (CVE-2015-3721) reported by Ian Beer of Google Project Zero ended up updated in iOS 8.4. The potential risk associated with this was that an attacker could determine the kernel memory layout via a malicious application.
One problem in Safari, exploitable on devices still running earlier iOS versions, could lead to account takeover. Apple said the glitch came from the fact the browser maintained the origin request header for cross-origin redirects, which allowed a malicious website to bypass protection against CSRF (cross-site request forgery).
A couple of vulnerabilities reported by FireEye also ended up addressed, although the security company said the fix is only partial.
FireEye detailed the attacks (dubbed Manifest Masque and Extension Masque), explaining they could end up leveraged against users in a company receiving rogue apps developed in-house.