Kaspersky Lab has discovered a vulnerability in the kernel of Darwin, an open-source component of both the OS X and iOS operating systems.<\/p>\n
This \u201cDarwin Nuke\u201d vulnerability leaves OS X 10.10 and iOS 8 devices exposed to remotely-activated denial of service (DoS) attacks that can damage your device and impact any corporate network to which it is connected.<\/p>\n
Kaspersky advised users to update devices to OS X 10.10.3 and iOS 8.3, where this vulnerability has been patched.<\/p>\n
Kaspersky Lab said\u00a0devices affected by the threat include those with 64-bit processors and iOS 8: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, and iPad mini 3.<\/p>\n
For the \u201cDarwin Nuke\u201d vulnerability to be exploited, an attacker would need to send an Internet Protocol packet of a specific size with invalid IP options.<\/p>\n
After processing the invalid network packet, the system will crash.<\/p>\n
Kaspersky Lab said its researchers discovered that the system will only crash if the IP packet meets the following conditions:<\/p>\n
\u201cAt first sight, it is very hard to exploit this bug, as the conditions attackers need to meet are not trivial ones. However, persistent cybercriminals can do so, breaking down devices or even affecting the activity of corporate networks,\u201d said Anton Ivanov, senior malware analyst at Kaspersky Lab.<\/p>\n
\u201cRouters and firewalls would usually drop incorrect packets with invalid option sizes, but we discovered several combinations of incorrect IP options that are able to pass through the Internet routers,\u201d Ivanov added.<\/p>\n
Sweep your office for bugs, there are spies about<\/strong><\/a><\/p>\n British Airways passenger accounts hacked<\/strong><\/a><\/p>\n