Apple sitting on iOS exploit fix

Apple has reportedly readied a fix for an exploit uncovered yesterday which could potentially allow hackers to gain un-permitted access to devices running Apple's mobile operating system, iOS.

Apple said yesterday that it was "investigating" the issue, but today released a statement saying it had found a solution to the exploit which will be made available in a "coming update" - likely iOS 4.1, which is currently being tested by registered Apple iPhone developers.

"We're aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update," an Apple spokesperson told CNET.

The two security exploits, highlighted by only current web-based iPhone jailbreak which launched last weekend, relate to the way the iOS web browser, Safari, reads PDF files on the iPad, iPhone and iPod Touch.

One of the exploits utilizes the methods that Safari uses to read and parse PDF files to gain access to the 'protective sandbox', while the second hole allows the code to get out of the 'sandbox' and access root control privileges for the device -- potentially allowing hackers the ability to install rogue apps that could monitor user actions.

The second hole -- the one which gives malicious code access to the root control privileges for the device -- is so worrying that the German Government's Federal Office for Information Security suggested users avoid opening PDF files until a fix is made available.

Report a problem with article
Next Article

Softlayer and The Planet in merger talks

Previous Article

Microsoft's mystery hardware? Arc Touch Mouse, launching in September

38 Comments - Add comment