{"id":2716,"date":"2016-01-21T11:51:11","date_gmt":"2016-01-21T03:51:11","guid":{"rendered":"http:\/\/staging.bankvaultonline.com\/?p=2716"},"modified":"2016-01-21T11:51:11","modified_gmt":"2016-01-21T03:51:11","slug":"ios-and-mac-os-vulnerabilities-discovered","status":"publish","type":"post","link":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/","title":{"rendered":"iOS and Mac OS Vulnerabilities Discovered, Patched"},"content":{"rendered":"

Major iOS and Mac OS Vulnerabilities Expose Customers to Cyber Attacks<\/h2>\n

When it comes to Apple, sometimes it can be very hard to separate myth from reality. Even with Steve Jobs dearly departed (tip of the hat to his genius), the company itself seems to have retained its own reality-distortion field. This is true when it comes to iOS and Mac OS vulnerabilities.<\/p>\n

The myth of Apple invulnerability is so great that we bet you don’t know what this word means: ‘Gatekeeper.’ That is Apple’s anti-virus and malware software; and, boy does it have a weakness. Patrick Wardle, a security researcher with Synack, found a way to compromise Gatekeeper and access the Mac OS in 5 minutes. Five minutes.<\/strong><\/p>\n

It turns out, Apple is also drinking its own Kool-Aid. ‘Gatekeeper’ checks apps and applications to ensure they are they aren’t on an Apple blacklist. BUT, they don’t check the code. With all we know about how viruses hide<\/a> it’s hard to fathom why Apple would think this is sufficient protection.<\/p>\n

As part of this investigation,\u00a0Wardle\u00a0hitched a ride on a legitimate app that passed Gatekeeper’s whitelist of accepted apps. From there, all it takes is a fake Wi-Fi hotspot and a hacker could use that ‘legit’ app to inject malicious code into the Mac or iOS operating system. Apple released a ‘patch’ that merely blacklisted the ‘legit’ app that Wardle used to break into it. Apple has not yet changed the code of Gatekeeper to check the internal code of a white-listed app. Meaning, the weakness remains.<\/p>\n

All of this culminated on January 16, 2016, when Apple released updates to both Mac OS and iOS — (OS X 10.11.3 and IOS 9.2.1). According to the security firm Zimperium zLabs the update patches multiple<\/strong> classes of vulnerabilities. Not 1 vulnerability. Not 2. Multiple.<\/strong> Apple is now close to Microsoft Windows in that it is doing security updates almost once a month.<\/p>\n

So much for the myth of Apple invulnerability. So do yourself a solid. If you’re on iOS and Mac OS, download and install those updates. But secure your sensitive financial transactions through services like BankVault.<\/p>\n","protected":false},"excerpt":{"rendered":"

Major iOS and Mac OS Vulnerabilities Expose Customers to Cyber Attacks When it comes to Apple, sometimes it can be very hard to separate myth from reality. Even with Steve Jobs dearly departed (tip of the hat to his genius), the company itself seems to have retained its own reality-distortion field. This is true when […]<\/p>\n","protected":false},"author":2,"featured_media":2723,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37],"tags":[17,211,212,213,214,215],"class_list":["post-2716","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","tag-apple","tag-gatekeeper","tag-ios-vulnerabilities","tag-macos-vulnerabilities","tag-synack","tag-zimperium-zlabs"],"yoast_head":"\niOS and Mac OS Vulnerabilities Discovered, Patched - BankVault<\/title>\n<meta name=\"description\" content=\"Major iOS and Mac OS vulnerabilities expose customers to cyber attacks, security firm Synack finds. Apple's anti-virus software 'Gatekeeper' broken.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"iOS and Mac OS Vulnerabilities Discovered, Patched - BankVault\" \/>\n<meta property=\"og:description\" content=\"Major iOS and Mac OS vulnerabilities expose customers to cyber attacks, security firm Synack finds. Apple's anti-virus software 'Gatekeeper' broken.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/\" \/>\n<meta property=\"og:site_name\" content=\"BankVault\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/BankVaultOnline\/\" \/>\n<meta property=\"article:published_time\" content=\"2016-01-21T03:51:11+00:00\" \/>\n<meta name=\"author\" content=\"BankVault\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:site\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"BankVault\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"iOS and Mac OS Vulnerabilities Discovered, Patched - BankVault","description":"Major iOS and Mac OS vulnerabilities expose customers to cyber attacks, security firm Synack finds. Apple's anti-virus software 'Gatekeeper' broken.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/","og_locale":"en_US","og_type":"article","og_title":"iOS and Mac OS Vulnerabilities Discovered, Patched - BankVault","og_description":"Major iOS and Mac OS vulnerabilities expose customers to cyber attacks, security firm Synack finds. Apple's anti-virus software 'Gatekeeper' broken.","og_url":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/","og_site_name":"BankVault","article_publisher":"https:\/\/www.facebook.com\/BankVaultOnline\/","article_published_time":"2016-01-21T03:51:11+00:00","author":"BankVault","twitter_card":"summary_large_image","twitter_creator":"@bankvaultonline","twitter_site":"@bankvaultonline","twitter_misc":{"Written by":"BankVault","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#article","isPartOf":{"@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/"},"author":{"name":"BankVault","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639"},"headline":"iOS and Mac OS Vulnerabilities Discovered, Patched","datePublished":"2016-01-21T03:51:11+00:00","dateModified":"2016-01-21T03:51:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/"},"wordCount":363,"commentCount":0,"publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"image":{"@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#primaryimage"},"thumbnailUrl":"","keywords":["Apple","gatekeeper","iOS vulnerabilities","MacOS vulnerabilities","Synack","Zimperium zLabs"],"articleSection":["IT security news"],"inLanguage":"en-AU","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/","url":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/","name":"iOS and Mac OS Vulnerabilities Discovered, Patched - BankVault","isPartOf":{"@id":"https:\/\/www.bankvault.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#primaryimage"},"image":{"@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#primaryimage"},"thumbnailUrl":"","datePublished":"2016-01-21T03:51:11+00:00","dateModified":"2016-01-21T03:51:11+00:00","description":"Major iOS and Mac OS vulnerabilities expose customers to cyber attacks, security firm Synack finds. Apple's anti-virus software 'Gatekeeper' broken.","breadcrumb":{"@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/"]}]},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#primaryimage","url":"","contentUrl":""},{"@type":"BreadcrumbList","@id":"https:\/\/www.bankvault.com\/ios-and-mac-os-vulnerabilities-discovered\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.bankvault.com\/"},{"@type":"ListItem","position":2,"name":"iOS and Mac OS Vulnerabilities Discovered, Patched"}]},{"@type":"WebSite","@id":"https:\/\/www.bankvault.com\/#website","url":"https:\/\/www.bankvault.com\/","name":"BankVault","description":"cybersecurity","publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.bankvault.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-AU"},{"@type":"Organization","@id":"https:\/\/www.bankvault.com\/#organization","name":"BankVault","url":"https:\/\/www.bankvault.com\/","logo":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","contentUrl":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","width":1212,"height":275,"caption":"BankVault"},"image":{"@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/BankVaultOnline\/","https:\/\/x.com\/bankvaultonline"]},{"@type":"Person","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639","name":"BankVault","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","caption":"BankVault"},"url":"https:\/\/www.bankvault.com\/author\/bankvault\/"}]}},"_links":{"self":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/2716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/comments?post=2716"}],"version-history":[{"count":0,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/2716\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/media?parent=2716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/categories?post=2716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/tags?post=2716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}