Researchers Found 'Darwin Nuke' Vulnerability In OS X and iOS

Security researchers at Kaspersky Lab have found a critical vulnerability in the kernel of Darwin (an open-source component of both the OS X and iOS operating systems) that allows an attacker to damage the victim's device and impact the connected network.

The vulnerability, dubbed "Darwin Nuke", puts OS X 10.10 and iOS 8 devices at risk of denial-of-service attacks.

The affected devices include iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, iPad mini 3, and OS X devices with 64-bit processors.

How To Exploit Darwin Nuke Flaw?

To exploit the flaw, the attacker must create an invalid IP packet and send it to the victim's device.

If the invalid IP packet meets the following conditions, the affected device will crash after processing it:
  • The size of the IP header should be 60 bytes.
  • The size of the IP payload should be less than or equal to 65 bytes. 
  • The IP options should be incorrect (invalid option size, class, etc.)
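
From the defender's side, the three conditions above can be checked on captured traffic or in a filter. The sketch below is an added example, not Kaspersky's detection logic or code from the original post; the function names, the RFC 791 rules it uses to decide that an option is "incorrect" (bad length, reserved class), and the constructed sample packets are assumptions.

```python
import struct

def option_problem(opts: bytes):
    """Walk the IPv4 option area (RFC 791); return a reason string if malformed, else None."""
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                      # End of Option List
            return None
        if kind == 1:                      # No-Operation: single byte, no length
            i += 1
            continue
        if (kind >> 5) & 0x3 in (1, 3):    # option classes 1 and 3 are reserved
            return f"option 0x{kind:02x} at offset {i} uses a reserved class"
        if i + 1 >= len(opts):
            return f"option 0x{kind:02x} at offset {i} has no length byte"
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            return f"option 0x{kind:02x} at offset {i} has invalid length {length}"
        i += length
    return None

def check_packet(packet: bytes):
    """Return (matched, reason) for the three conditions listed in the article."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False, "not an IPv4 packet"
    header_len = (packet[0] & 0x0F) * 4
    if header_len != 60 or len(packet) < 60:
        return False, f"header length is {header_len} bytes, not a full 60"
    payload_len = struct.unpack("!H", packet[2:4])[0] - header_len
    if not 0 <= payload_len <= 65:
        return False, f"payload length {payload_len} is outside 0..65"
    problem = option_problem(packet[20:60])
    if problem is None:
        return False, "options are well formed"
    return True, problem

def sample(options: bytes, payload_len: int) -> bytes:
    """Constructed test input only: 60-byte header, NOP-padded options, checksum left at 0."""
    fixed = struct.pack("!BBHHHBBH4s4s", 0x4F, 0, 60 + payload_len, 0, 0, 64, 17, 0,
                        bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return fixed + options.ljust(40, b"\x01") + b"\x00" * payload_len

if __name__ == "__main__":
    for name, pkt in [("NOP-only options", sample(b"", 8)),
                      ("zero option length", sample(b"\x07\x00", 8)),
                      ("reserved option class", sample(b"\x21\x04\x00\x00", 8)),
                      ("large payload", sample(b"\x07\x00", 100))]:
        print(name, check_packet(pkt))
```

The article does not say which option combinations Kaspersky found to pass through Internet routers, so this check flags any malformed option area in a packet of the stated shape rather than a specific signature.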

Anton Ivanov, Senior Malware Analyst at Kaspersky Lab said, "At first sight, it is very hard to exploit this bug, as the conditions attackers need to meet are not trivial ones. But persistent cybercriminals can do so, breaking down devices or even affecting the activity of corporate networks. Routers and firewalls would usually drop incorrect packets with invalid option sizes, but we discovered several combinations of incorrect IP options that are able to pass through the Internet routers."

How To Protect Your Devices?

Use Kaspersky Internet Security 15.0 or higher; it detects this threat as DoS.OSX.Yosemite.ICMP.Error.exploit. It also has a network attack blocker feature to protect against denial-of-service attacks.

If you want more security, here are some useful tips from Kaspersky Lab:
  • Use a web browser that has a solid track record of fixing security issues promptly.
  • Run "Software Update" and patch the machine promptly when updates are available.
  • Use a password manager to help cope with phishing attacks.
  • Install a good security solution.
