• The Hobbyist@lemmy.zip
      link
      fedilink
      English
      arrow-up
      34
      ·
      1 year ago

      At a very high level: the attacker sends a picture which somehow is opened by Apple Wallet and leads to the execution of arbitrary code (this is the vulnerability, in how the wallet parses the picture, allowing for a buffer overflow), deactivation of certain security features and download/execution of the malicious payload.

      • p_q@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        sure apple wallet is requierd for it to work? red it like the image part can come remotely by picture 0click (by link preview archived) or via using the wallet app, not both in conjunction.