Items tagged with Bug
China has no love for Taiwan, and the former's censorship has led to strange issues for some iPhone users. If users have their region set to China and someone sends them the Taiwan flag emoji, a bug in iOS could cause the app to crash. That bug has the potential to allow a remote user to launch a denial of service attack on the message receiver by continually sending them the Taiwan flag emoji. The bug was discovered by security researcher Patrick Wardle. Wardle says that the bug was first brought to his attention when a friend told him that iOS apps crashed when she typed the word "Taiwan" or...
Read more...
If you own one of Samsung's Galaxy S9 or Galaxy S9 Plus smartphones a wild bug making the rounds is leaving customers on edge. Reports indicate that some users have seen the default messaging app randomly send photos from their gallery to contacts without their knowledge. One impacted user claims that the Samsung device sent the entire photo gallery to their girlfriend. Another user from reddit reported that the device had sent photos to his wife. The photos are being sent out over the stock Samsung messaging app. The particularly odd thing about this bug is that there is no record that the photos...
Read more...
Tech media publications lit up yesterday afternoon, after reports showed that a critical bug in modern Intel processors has the potential to seriously impact systems running Windows, Linux and macOS. The alleged bug is so severe that it cannot be corrected with a microcode update, and instead, OS manufacturers are being forced to address the issue with software patches, which in some instances requires a redesign of the core system kernel. Some early performance benchmarks have even suggested that patches to fix the bug could result in up to a 30 percent performance hit. Since reports on the issue...
Read more...
If the reports are accurate, it appears that Intel might have a pretty severe chip-level security bug on its hands that cannot be simply swatted away with a microcode update. The bug affects all modern Intel processors dating back at least a decade. We should note that squashing the bug requires a patch at the OS level; and Linux patches have already been distributed (with redacted comments). Microsoft is expected to address the bug in its monthly Patch Tuesday update. The circumstances surrounding the exploit are currently under embargo, but some details are starting to make their way to the public...
Read more...
Google has been paying out some significant money to get security researchers and hackers to tear apart its Chrome browser and Chrome OS. In March of 2015, Google offered up $100,000 for anyone who could find an exploit chain that would allow for a persistent compromise of a Chromebox or Chromebook using guest mode via a webpage. That $100,000 offer was an increase from the original $50,000 bounty.That bounty went unclaimed for many months until a researcher that uses the moniker Gzob Qq notified Google on September 18 that he had identified a set of vulnerabilities in Chrome OS. The hacker was...
Read more...
The Anniversary Update for Windows 10 brought a lot of great refinements and features to the table. However, as far too many users discovered, it also brought with it a number of bugs. From the get-go, it began locking-up on users, ultimately pushing Microsoft to endorse user-submitted fixes. Later, the update managed to kill webcams, and somehow even made some Linux users' lives miserable. Fast-forward to now, four full months after the Anniversary Edition launched, and Microsoft is dealing with yet another bug - but this one should be fixable fairly easily. Recently, some users have noticed (probably...
Read more...
A recent discovery has the Linux community buzzing, and it involves a bug in systemd, an init (initialization) system used in many modern Linux distributions to bootstrap the user space and manage all processes. Many regular Linux users might not even understand what systemd is, and that's because it just works, it simply flies under the radar as part of the OS. For some, systemd is a good way forward. It would be nice to think that most every modern distro has adopted it for good reason. For others, though, it's the target of extreme ire. Whether that's justified or not, there's no denying that...
Read more...
Piracy is a major issue and a vulnerability in the system Google uses to stream media through its Chrome browser could be making it worse. A flaw in the Google’s Widevine EME/CDM technology makes it possible to save illegal copies of media from streaming video sites like Netflix and Amazon Prime. How does the bug work? Google owns but did not create a digital management system called Widevine. Widevine uses encrypted media extensions to allow the content decryption module, or CDM, in your browser to communicate with the content protection systems of streaming services. EME, or encrypted media extensions,...
Read more...
Imagine that without any misguided action or behavior of your own your iOS device were to crash, simply as the result of receiving a text string via your iPhone or iPad's Messages app. Next, imagine that after this "What the heck!??!!" event (and device reboot, of course) you subsequently could not even open the Messages program. Imagine no longer. A new bug has been revealed in Apple's Messages app that will crash your device and render Messages mostly unusable upon receipt of a text containing a unique text string comprised of various symbols and Arabic characters....
Read more...
Data security research player CrowdStrike is reporting a security flaw that could allow hackers to exploit and take over data centers from within. Given the nasty moniker "VENOM" (for "Virtualized Environment Neglected Operations Manipulation"), the vulnerability CrowdStrike uncovered is present in a common component — a legacy floppy drive controller — that is widely used in virtualization platforms and appliances. The seriousness of the VENOM vulnerability rests on how it circumvents an essential barrier used by cloud service providers to segregate customer data. Thus, infiltrators who are able...
Read more...
Facing accusations from the Belgian Privacy Commission dating back to February that it is violating the privacy rights of its users, Facebook yesterday confirmed that the watchdog group had uncovered a "bug" that mistakenly tracked people even when they were not on the social media giant's website, but denied the body's assertion that the company gave users a "false sense of control" over their personal information. Facebook said that it has begun to fix the problem at hand, which leveraged cookies to track people who had not signed up for the service when they visited websites that employ certain...
Read more...
Yell loud enough, long enough, and even Apple will hear you. For years now, users who have dabbled in the iOS universe, only to switch back to a rival platform, have grumbled about lost messages. You see, once iMessage knows your phone number, it attempts to route texts and short messages to that via the iMessage platform. But if you ever switch your number back to a non-Apple device, many of those messages can be left in limbo. Moreover, many have griped that iMessage-to-Android communications get hung up, or are lost in the ether entirely. Now, Apple is finally acknowledging that there is indeed...
Read more...
Heads-up, if you're running older versions of the Windows operating system, Microsoft Office or Microsoft Lync communication platform software. Microsoft released a security advisory noting that the TIFF (Tagged Image File Format) image handler in some of these older Microsoft software suites is subject to a vulnerability whereby "specially crafted TIFF images" could convince the user to open email messages, files or web content that could be used to exploit the host machine. Microsoft details the remote code execution vulnerability in security advisory 2896666 (evil, eh?) noting: "An attacker...
Read more...
While perhaps a bit unnerving, let's not act like this hasn't happened before. While Apple's engineering team is no doubt massive, there's only so much a fixed group can find. We're talking about bugs in particular; while iOS 7's final build squashed a ton of quirks, a couple of security issues have presented themselves now that the operating system has been unleashed to the masses. In fact, most major companies find themselves in similar spots shortly after a major OS release: users discover exploits, and then, the firm has to work overtime in order to issue a patch (or two) to ensure it doesn't...
Read more...
