Apple Security Bug Lets Hackers Nab Your Mac and iPhone Passwords With 1 Text

Apple’s latest software updates that were carried out earlier this week have been reported to contain factors that could possibly put the user in an extremely vulnerable position wherein the latter even stands the chances of getting their passwords hacked.

The issues especially affect Image IO, a programming interface that reads and writes image data. If an attacker were to send someone a MMS containing malicious code in any type of file format like TIFF, JPEG or PNG, then the code would start executing as soon as it was received.

This attack naturally gives the hacker the liberty to browse through and download portions of a computer’s memory, which could contain sensitive information such as passwords and login credentials.

‘This is very high severity issue,’ Craig Williams, senior technical lead and head of global outreach at Cisco said. ‘The fact that you have an exploit without any user interaction makes me very concerned. What makes iMessage insidious is that it cues it,’ he concluded. He also pointed out how the hack could also be delivered via other means such as email.

‘An attacker could send a thousand iMessages to victims and the second they turn their phones on they’re infected,’ Williams added.

Recent versions of iPhone’s iOS, Mac’s OS X El Capitan, Apple TV’s tvOS and Apple Watch’s watchOF software have been affected by this issue.

‘Exploitation wise, Talos estimates there is about a two-week effort to get from the information we disclosed publicly to a fully working exploit with a decent amount of reliability,” Tyler Bohan, the security researcher at Cisco Talos who uncovered and reported the bug, told Forbes.