Apple fixes scary Vision Pro bug that allowed hackers to fill your virtual room with spiders | Mashable.

Adding this to our list of nightmares.
By Matthews Martins on 
Hello sir, may I interest you in the latest visionOS update? Credit: NurPhoto / Getty Images

Apple has fixed a visionOS vulnerability that allowed a hacker to fill a Vision Pro user's virtual space with 3D animated objects.

When spelled out like this, it doesn't sound that scary, but replace "3D animated objects" with spiders, bats, snakes, or anything else that scares you, and you've got yourself one of the most intriguing and ominous bugs we've ever heard of.

The vulnerability was discovered by Ryan Pickren, an independent researcher who already found a couple of bugs in Apple's software, including nasty iPhone and Mac camera issues. Pickren told Mashable via email that he believes the bug he'd found in visionOS allows for the first "spatial computing" hack. He also said that Apple awarded him a bounty for finding and describing the issue.


The bug stems from the way visionOS handles apps that can spawn 3D objects in your virtual space while you're using the Vision Pro. As Pickren explained on his blog, the company severely restricted who and what can do this in most cases, but "forgot" about an older, web-based 3D model viewing standard called Apple AR Kit Quick Look. By adding some simple code to a website, a hacker could bypass Apple's restrictions and launch "an arbitrary number of 3D, animated, sound-creating, objects without any user interaction whatsoever."

Vision Pro bug
GET US OUT OF HERE Credit: Ryan Pickren

Pickren supplied some examples by tapping into a lot of folks' worst nightmares: by adding virtual spiders and bats into a Vision Pro user's virtual space.

Fortunately, Apple fixed this vulnerability in visionOS 1.2, which launched earlier this month, though the company's description (unsurprisingly) doesn't mention eight-legged arthropods.


In any case, it appears Vision Pro users are safe from 3D monsters bursting into their virtual life — for now.


Comments

  1. Thought Apple is very secure.

  2. This is the kind of hacking I can fully get on board with 😆

  3. I called it… Spider Mentos or Mentos Spider till now. Because of the resemblance of Mentos candy on the tummy. Hahaha

    Probably one of my greatest fears, to be encountered by Spider Mentos on toilet area while pooping. 🤣

  4. No no no no. They had to add a cat room mode

  5. Now that's a bug!

  6. Switch to Airplane mode 😂😂😂

  7. If you are going to write in English please make it correct English.

  8. The worst hackers are those who don't do anything and just watch your every step.

    1. And I think FB has several of them in their so-called Community Standards dept !?!🤷

    2. If I were this paranoid I'd see a shrink.

  9. Since they're spiders, technically it's a security arachnid, not a bug.

  10. I'm sure all 7 people using the Vision Pro will be glad

    1. need a bug to get people to even consider thinking about it and then **swipes up***

  11. Bug was displaying bugs

  12. Bug of bugs? 😁

  13. This Year Has Been Tough For Many, And In Order To Provide Assistance, I Will Be Donating Five Grand To Seven People Who Send Me A Message With The Words "God Did"

    1. And here's a prime example of a scamming hacker !

    2. May your pants be perpetually on fire.

  14. if they were smart / cultured they'd have used facehuggers

  15. Will I still be able to re-implement this on the Vision Pro then?!
    https://i.giphy.com/.../v1.../fJKG1UTK7k64w/giphy.gif

  16. actually… this would be kind of amazing 😂

  17. Many promises fail But God Never Fail I'm helping those in need,u paying of their bills, debts and mortgages 5 GRAND is Gifted to the 5 first person that sends "GOD NEVER FAIL"💙🕊️🧸

    1. And again here's another prime example of a scamming hacker !

  19. It's a security arachnid...

  20. Thankfully by the time there's major demand for VR, issues like this will be fixed because of sacrifices--and I do mean sacrifices--by companies like Apple and Meta. Right now it's a niche market at best with little return on the investment.

  21. Or...you could just take them off and read a book.

  22. Australian hackers for sure.

  23. That is the ugliest website I have ever seen not hosted on GeoCities.

    Well done Mashame

  24. Apple should just walk away, and say they gave it their best shot.

    Do you give up on everything at the slightest road bump?

  25. Good thing I don't waste my money on apple products then 🤣

  26. People use the Apple Vision Pro?

    1. Yea, it’s great for watching movies and playing emulators

    2. …and apparently playing non-consenting exterminator simulator

    3. Yeah, that too. Although it was fixed a week ago

  27. That was an usually crappy write up. Is this indicative of all American News or just more Tabloidesque than average?
