iOS 10.2 正式版除了推出新功能外,還修補了12個安全漏洞!

ios-10-2-twelve-vulnerabilities

美國Apple(蘋果)公司在今日凌晨正式釋出iOS 10.2正式版本,除了增加不少功能,像是電視App、100多個emoji表情符號、新的iMessage特效等,不過在這些新功能外,另外本次iOS 10.2正式版本的修正報告中,還修補了高達12個安全漏洞。

在本次漏洞中,造成嚴重安全系統性漏洞代碼為CVE-2016-7626與CVE-2016-4690。

漏洞代號CVE-2016-7626,是本次iOS 10.2中最重要修補的一項漏洞,該漏洞能透過郵件(Mail) APP或Safari瀏覽器直接開啟含有惡意的描述檔認證,就會導致記憶體造成損毀,間接能允許任意程式執行,此漏洞在iOS、tvOS與watchOS上都會造成影響。這項漏洞最明顯的案例,就是在先前曾經報導過的「小心iXintpwn假iOS 9.3.2-iOS 10.1.1越獄工具,真惡搞iOS設備」事件,就是透過該漏洞來惡搞iOS系統。

不過這項代碼最初是由推特用戶@Ben Hawkes所公佈,詳細可再參考底下針對該漏洞更進一步的細節說明。

另外一個漏洞代號CVE-2016-4690,是透過USB影像處理裝置的驗證問題,有心人士可針對人機介面裝置(HID)隨意執行程式代碼。

 

iOS 10 越獄漏洞還在?要升級嗎?

至於iOS 10越獄有沒有被修補?

Luca Todesco在12月初時候要用戶先不要升級至iOS 10.2,最主要原因就是因為Luca Todesco所找到的漏洞被修補,但目前盤古手中握有的漏洞,似乎還沒有太大動靜,就算現在升級至iOS 10.2,無人保證後續推出的iOS 10越獄會是在關閉iOS 10.1.1後才推出。

如想停留在進可攻、退可守系統版本,建議停留在iOS 10.1.1,至於有些iOS 10.0-iOS.1用戶還不想升級至iOS 10.1.1也都容易導致不時出問題,像是FaceBook安裝或升級時候要求要iOS 10最新版本錯誤發生,又或者是越獄環境建議升級至最新可越獄版本,在越獄時出問題就相對減少很多,從過去iOS 9越獄經驗來看,就不少非iOS 9.3.3越獄用戶造成無法順利越獄問題,導致白白浪費了一個越獄機會。

機會是掌握於自己手上,要不要升級最終還是取決於個人,必經升級iOS 10不會花太多時間,現在要升級到iOS 10.1.1,就僅能透過電腦iTunes,透過先下載iOS 10.1.1的iPSW來手動升級。

iOS 10.2 正式版安全修正清單

來源:https://support.apple.com/fr-fr/HT207422

Accessibility

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: A nearby user may be able to overhear spoken passwords

Description: A disclosure issue existed in the handling of passwords. This issue was addressed by disabling the speaking of passwords.

CVE-2016-7634: Davut Hari

Accessibility

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: A person with physical access to an iOS device may be able to access photos and contacts from the lock screen

Description: A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device.

CVE-2016-7664: Miguel Alvarado of iDeviceHelp

Accounts

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: An issue existed which did not reset the authorization settings on app uninstall

Description: This issue was addressed through improved sanitization.

CVE-2016-7651: Ju Zhu and Lilang Wu of Trend Micro

Find My iPhone

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: An attacker with an unlocked device may be able to disable Find My iPhone

Description: A state management issue existed in the handling of authentication information. This issue was addressed through improved storage of account information.

CVE-2016-7638: Sezer Sakiner, an anonymous researcher

Graphics Driver

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: Watching a maliciously crafted video may lead to a denial of service

Description: A denial of service issue existed in the handling of video. This issue was addressed through improved input validation.

CVE-2016-7665: Moataz El Gaml of Schlumberger, an anonymous researcher

Image Capture

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: A malicious HID device may be able to cause arbitrary code execution

Description: A validation issue existed in the handling of USB image devices. This issue was addressed through improved input validation.

CVE-2016-4690: Andy Davis of NCC Group

Local Authentication

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: The device may not lock the screen after the idle timeout

Description: A logic issue existed in the handling of the idle timer when the Touch ID prompt is shown. This issue was addressed through improved handling of the idle timer.

CVE-2016-7601: an anonymous researcher

Mail

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: An email signed with a revoked certificate may appear valid

Description: S/MIME policy failed to check if a certificate was valid. This issue was addressed by notifying a user if an email was signed with a revoked certificate.

CVE-2016-4689: an anonymous researcher

Media Player

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: A user may be able to view photos and contacts from the lockscreen

Description: A validation issue existed in the handling of media selection. This issue was addressed through improved validation.

CVE-2016-7653

Profiles

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: Opening a maliciously crafted certificate may lead to arbitrary code execution

Description: A memory corruption issue existed in the handling of certificate profiles. This issue was addressed through improved input validation.

CVE-2016-7626: Maksymilian Arciemowicz (cxsecurity.com)

SpringBoard

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: A person with physical access to an iOS device may be able to unlock the device

Description: In some cases, a counter issue existed in the handling of passcode attempts when resetting the passcode. This was addressed through improved state management.

CVE-2016-4781: an anonymous researcher

SpringBoard

Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later

Impact: A person with physical access to an iOS device may be able to keep the device unlocked

Description: A cleanup issue existed in the handling of Handoff with Siri. This was addressed through improved state management.

CVE-2016-7597: an anonymous researcher

 

▼ 如喜歡瘋先生教學歡迎加入粉絲團 ▼

★★ 除了粉絲團外,另也可以一起加入由瘋先生開設的臉書社團點我加入,裡面會有不少高手會一起跟大家互動,並回答問題。 ★★


★ 聲明:本文版權所有,非經瘋先生授權,不得轉載!如在其他網站上看見此篇教學,表示該篇文章為盜文,建議請回到mrmad.com.tw網站上觀看教學。

你可能有興趣的文章