Does Apple fix it is still unknown.

Specialists of the company Tencent Xuanwu Security Lab found in older versions of iOS unusual critical vulnerability. The experts found that the intruders have the ability to completely disguise a malicious URL to the web site for real. As a result, the hackers can send these disguised links to users, who won’t suspect a trick, and go to malicious sites.

The vulnerability discovered in all versions of iOS up to iOS 11.4.1. The essence of the bug is that hackers can forge the letter d on the dum character from Unicode in the domain name. The actual URL of the site this takes an unusual form, however, in Safari, the symbol dum appears as a regular letter d.

It is due to this hackers have the ability is to disguise a malicious URL under real. Using the vulnerability, attackers can disguise the name of the iCloud website, registering an identical domain, but replacing the letter d on the symbol dum.

If the iPhone user is running old iOS versions will be sent a link to this website, he will not even notice that the URL is not anything. In this regard, the vulnerability received a critical status.

Specialists Tencent Xuanwu Security Lab sent a message about finding the vulnerabilities of Apple.

Source: tencent.

LEAVE A REPLY

Please enter your comment!
Please enter your name here