iPhone Exploits Discovered

iphone dead

Researchers for Independent Security Evaluators have discovered two security vulnerabilities in the Apple iPhone. The vulnerabilities are found in the Safari browser through a method called “fuzzing”.

The first exploit requires the user to surf a maliciously coded website using the Safari browser. As soon as the user gets there, all tje data inside the device such as call history, voice mail information, SMS texts, contact information, e-mails, browser’s history and even passwords could be accessed and collected by the remote attacker.

The second exploit which was developed by the researchers themselves, also requires the user to visit a maliciously coded website. What the exploit does is cause the iPhone to vibrate and play a system sound. This exploit is also capable of making the iPhone send a text message, dial a phone number, turn on the microphone enabling the remote attacker to eavesdrop on any ongoing conversations.

Apple has been informed of the iPhone exploits and researchers have provided a patch that most likely will be included in a firmware update.

If you own an iPhone, here are some safety measures you can take:

  • Only visit sites you trust.
  • Only use WiFi networks you trust.
  • Don’t open web links from emails.

You can read the general information regarding the exploits here. Full disclosure of the iPhone exploits will be presented at the BlackHat convention in Las Vegas next month.

[image source: flickr.com/photos/sketch22]

This post may contain affiliate links that allow us to earn commissions at no additional cost to you. We are reader-supported so when you buy through the affiliate links, you are also helping or supporting us. 

Leave a Reply

Your email address will not be published. Required fields are marked *