Apple fixes scary Vision Pro bug that allowed hackers to fill your virtual room with spiders

Apple fixed a visionOS bug that let hackers add 3D animated objects to Vision Pro's virtual space.

: Apple addressed a visionOS vulnerability that enabled hackers to inject 3D animated objects, including spiders, into virtual spaces. The bug, found by researcher Ryan Pickren, utilized an older AR model standard to bypass restrictions. The issue was resolved in visionOS 1.2, ensuring users are now secure from such intrusions.

Apple fixed a visionOS vulnerability allowing hackers to fill Vision Pro users' virtual spaces with 3D animated objects. The issue was discovered by independent researcher Ryan Pickren, who previously identified other bugs in Apple's software. This bug exploited an older web-based 3D model viewing standard, permitting hackers to bypass restrictions and add any number of animated objects without user interaction.

Pickren demonstrated the potential horror by adding virtual spiders and bats to Vision Pro users' spaces. The ability to introduce these nightmare-inducing objects into someone’s virtual environment made the vulnerability particularly ominous. Apple awarded Pickren a bounty for identifying and detailing the nature of the vulnerability.

Fortunately, the problem was resolved with the release of visionOS 1.2. Apple has implemented strict controls to ensure only authorized apps can introduce 3D objects into the virtual space. As of now, Vision Pro users can feel secure knowing their virtual environments are protected from such unwanted intrusions.