Hacking Vulnerability Spreads To iPad And iPhone
Security experts have issued warnings that a newly discovered vulnerability in Apple’s iPad and iPhone software could allow hackers to take over the mobile devices, according to Reuters.
According to Vupen, “Two vulnerabilities have been identified in Apple iOS for iPhone, iPad and iPod, which could be exploited by remote attackers to take complete control of a vulnerable device.
“The first issue is caused by a memory corruption error when processing Compact Font Format (CFF) data within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page using Mobile Safari.
“The second vulnerability is caused by an error in the kernel, which could allow attackers to gain elevated privileges and bypass sandbox restrictions.”
The company said the current vulnerabilities are also being exploited by jailbreakme to remotely jailbreak Apple devices.
The hacking threat is the latest in a series of security bugs identified in mobile devices over the past week.
Reuters said mobile devices have become increasingly vulnerable to attack because the software that runs them has got more complex over the past few years, giving the devices many of the same capabilities as personal computers.
Kevin Mahaffey, chief technology officer for mobile security firm, Lookout, said that he is not aware of any incidents in which criminals have exploited the bug to gain control of an Apple device, but said Apple has yet to offer a remedy to protect against such attacks.
A spokesperson for Apple said the company was aware of the report and was investigating.