Your iOS devices can be hacked just by opening a JPEG


photos in ios 10
Beware this nasty bug in iOS 10.
Photo: Ste Smith/Cult of Mac

If you haven’t already installed Apple’s latest iOS 10.1 update, do it now. Thanks to a vulnerability in earlier release of its software, it’s possible for your iPhone, iPad, or iPod touch to be hacked using only a malicious JPEG image or PDF file.

Believe it or not, the flaw allows a hacker to take complete control of your device remotely, according to The Hacker News. The nasty code is distributed through websites and emails inside a JPEG or PDF file, and all you have to do is open it.

[contextly_auto_sidebar] The good news is that Apple has already fixed the problem, but you need to install iOS 10.1 — the update that was rolled out on Monday — to be safe. Earlier versions of iOS still carry the vulnerability, which is labelled CVE-2016-4673.

Apple has also made some big security patches in its latest releases of macOS, tvOS, and watchOS, so it might be a good idea to update all of your devices at the same time.

macOS Sierra 10.12.1 includes 16 fixes, including those for an image handling bug, a denial of service (DoS) error with NVIDIA graphics card drivers, a bug that exposed the length of user passwords, and a Remote Code Execution flaw.

Apple Watch gets 8 security patches with watchOS 3.1 — including two that could allow third-party apps to access your image library without permission — and Apple TV gets 10 fixes with tvOS 10.0.1.


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.