Kaspersky Lab has identified the "Darwin Nuke" vulnerability in OS X and iOS

Security researchers from Kaspersky Lab have found a vulnerability in the Darwin kernel, a component of the OS X and iOS operating systems. The "Darwin Nuke" vulnerability exposes devices running OS X 10.10 and iOS 8 to remotely triggered DoS attacks that can damage the device's system and affect the operation of the corporate network to which the device is connected. Experts are urging users to upgrade their software to OS X 10.10.3 and iOS 8.3, which do not have this vulnerability.

Analysis of the vulnerability by Kaspersky Lab experts showed that the equipment susceptible to this threat includes Apple computers and mobile devices with 64-bit processors running OS X 10.10 (Yosemite) and iOS 8, including: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2 and iPad mini 3.

The "Darwin Nuke" vulnerability is triggered when the system processes an IP packet that has a certain size and invalid IP options. Remote cybercriminals can initiate a DoS attack (hindering or preventing work with the device) on hardware running OS X 10.10 or iOS 8 by sending a malformed network packet. After processing such a packet, the system hangs. Researchers from Kaspersky Lab found that the system will only hang if the IP packet meets the following conditions:

  • the size of the IP header is 60 bytes,
  • the size of the IP payload is less than or equal to 65 bytes,
  • IP options are incorrect (incorrect option size, class, etc.).
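
The three conditions above, written as a detection check over a raw IPv4 packet (an added example, not Kaspersky Lab's detection logic; the function names are hypothetical, and "incorrect options" is narrowed here to an invalid option length or a reserved option class as defined in RFC 791):

```python
import struct

EOL, NOP = 0, 1                # single-byte IPv4 options (no length byte)
RESERVED_CLASSES = {1, 3}      # RFC 791: option classes 1 and 3 are reserved


def options_malformed(opts: bytes) -> bool:
    """Walk the IPv4 options area; True if an option has a bad class or length."""
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == EOL:
            return False                    # end of list, the rest is padding
        if kind == NOP:
            i += 1
            continue
        if (kind >> 5) & 0x3 in RESERVED_CLASSES:
            return True                     # reserved option class
        if i + 1 >= len(opts):
            return True                     # no room left for the length byte
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            return True                     # too short, or runs past the header
        i += length
    return False


def matches_darwin_nuke_conditions(packet: bytes) -> bool:
    """True if a raw IPv4 packet meets all three conditions listed above."""
    if len(packet) < 20:
        return False
    ver_ihl, _tos, total_len = struct.unpack("!BBH", packet[:4])
    if ver_ihl >> 4 != 4:
        return False                        # not IPv4
    header_len = (ver_ihl & 0x0F) * 4
    if header_len != 60:                    # condition 1: 60-byte IP header
        return False
    if len(packet) < header_len or total_len < header_len:
        return False                        # truncated capture, cannot inspect
    if total_len - header_len > 65:         # condition 2: payload <= 65 bytes
        return False
    return options_malformed(packet[20:header_len])   # condition 3
```

A sensor or firewall hook can call `matches_darwin_nuke_conditions()` on each inbound IPv4 packet and drop or alert on a match for hosts still running OS X 10.10 or iOS 8.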

"At first glance, it seems very difficult to exploit this vulnerability because the conditions that attackers must meet are not straightforward. However, stubborn cybercriminals will cope, resulting in a device failure and affecting the operation of corporate networks. Routers and firewalls usually bypass incorrect packets with incorrect option sizes; however, we've detected several combinations that can penetrate network equipment. We appeal to all Apple system users to upgrade their devices to OS X 10.10.3 and iOS 8.3," said Anton Ivanov, a senior malware analyst at Kaspersky Lab.

Kaspersky Lab products protect OS X from the "Darwin Nuke" vulnerability by blocking network attacks. Starting from version 15.0 of Kaspersky Internet Security for Mac, this threat is detected as DoS.OSX.Yosemite.ICMP.Error.exploit.

Security Tips from Kaspersky Lab

Kaspersky Lab experts have prepared some security tips for Mac users:

  1. Use a browser whose vendor fixes security problems promptly.
  2. Do not delay updates: install all patches and add-ons for the operating system and applications as soon as they are released.
  3. Use a password manager to resist phishing attacks.
  4. Install a good security solution.

Security tips for the iPhone and iPad are available on the official Kaspersky Lab blog: http://plblog.kaspersky.com/10-super-has-secure-your-iphone

Eugene Kaspersky, president and CEO of Kaspersky Lab, also discussed OS X security on his blog some time ago: http://eugene.kaspersky.com/2014/09/29/the-evolution-of-os-x-malware

source: Kaspersky Lab


