Users which haven’t upgraded their systems to the Apple iOS 8 could be victims of a new iOS 7.1 exploit targeting the CVE-2014-4377 vulnerability.
Security experts at Binamuse firm have discovered the availability online of the exploit kit which targets the vulnerability coded CVE-2014-4377, a memory corruption issue in iOS’s core graphics library. The exploitation of CVE-2014-4377 could allow a threat actor to deliver a malformed PDF through the Safari Browser and get victim to execute an arbitrary code which allow the attacker to gain complete control of the victim’s device.The list of devices potentially affected by the CVE-2014-4377 flaw is long, iPhone, iPad or iPod Touch that are still running iOS 7.1.x or its jail broken are affected by the vulnerability. The vulnerability also affects Apple TV version below 7.
Full Article