Your iOS devices can be hacked just by opening a JPEG


photos in ios 10
Beware this nasty bug in iOS 10.
Photo: Ste Smith/Cult of Mac

If you haven’t already installed Apple’s latest iOS 10.1 update, do it now. Thanks to a vulnerability in earlier release of its software, it’s possible for your iPhone, iPad, or iPod touch to be hacked using only a malicious JPEG image or PDF file.

Believe it or not, the flaw allows a hacker to take complete control of your device remotely, according to The Hacker News. The nasty code is distributed through websites and emails inside a JPEG or PDF file, and all you have to do is open it.

The good news is that Apple has already fixed the problem, but you need to install iOS 10.1 — the update that was rolled out on Monday — to be safe. Earlier versions of iOS still carry the vulnerability, which is labelled CVE-2016-4673.

Apple has also made some big security patches in its latest releases of macOS, tvOS, and watchOS, so it might be a good idea to update all of your devices at the same time.

macOS Sierra 10.12.1 includes 16 fixes, including those for an image handling bug, a denial of service (DoS) error with NVIDIA graphics card drivers, a bug that exposed the length of user passwords, and a Remote Code Execution flaw.

Apple Watch gets 8 security patches with watchOS 3.1 — including two that could allow third-party apps to access your image library without permission — and Apple TV gets 10 fixes with tvOS 10.0.1.