An analysis has been conducted on the recently-uncovered CoreText exploit, to determine exactly how it worked. The expolit crashed apps when malicious text messages and emails were opened on iOS devices and Macs. The exploit had to do with negative-length strings, according to The Register
Apple's CoreText rendering system uses signed integers to pass around array indexes and string lengths. A negative length, -1, is passed unchecked to a library function which uses it as an unsigned long integer to set the bounds of an array. This causes the library to attempt to read beyond the end of an array and into unallocated memory, triggering a fatal exception.
Apple is rumored to have fixed this exploit in both Mavericks and iOS 7. In the meantime, iOS 6 and Mountain Lion users affected by this issue can use the workaround from our own Nick Arnott.
Any of you been bitten by this bug?
Source: The Register
Review: A portable monitor with limited brightness but great clarity
Portable monitors are the perfect travel companions since they give you an extra screen to work with. Here's how Lepow's 15.4-inch display stacks up.
Review: Just slip a Bluebonnet case on your AirTag and go
Soft, stretchy, and bright blue, the Bluebonnet AirTag Case is a straightforward solution that keeps your AirTag safely attached to just about anything. It also displays both sides of the AirTag so your personalization shines through.
Some iPhone 14 handsets to be eSIM-only but nano SIMs will remain an option
Apple is rumored to be readying carriers for an eSIM-only iPhone 14 and analyst Emma Mohr-McClune believes there will still be a place for those who want a physical SIM option.
Keep your HomeKit accessories safe and secure with the best HomeKit routers
Expand your home's Wi-Fi coverage and add an additional layer of security for your smart home accessories with the best HomeKit routers.