Apple's latest firmware update for the iPhone and iPod touch addresses some pretty serious remotely exploitable security holes.
Apple has released the iPhone OS 3.1.3, which fixes a series of major security vulnerabilities in the mobile platform - and is a must-have for iPhone and iPod Touch users.
According to a Knowledge Base article on Apple's website - via ComputerActive - the latest patch for the OS fixes five flaws, three of which could result in the device being remotely cracked.
One of the other vulnerabilities, a flaw in the built-in recovery mode, allows a certain section of memory to be forcibly corrupted when the device receives a particular USB control message, giving full access to the data on the iPhone or iPod Touch without the passcode; it requires physical access to the handset to exploit. The other critical issues, however, can be exploited remotely.
The first is an issue with the handling of maliciously crafted MP4 files in the software's CoreAudio libraries - initially thought to merely represent a crash risk, but later discovered to allow third-party code execution. The MP4 file can be either attached to an e-mail or included in a web page for download, and potentially allows for full remote access to the data on the handset.
The second major issue fixed by the update lies in the ImageIO libraries, which have a similar problem parsing malicious TIFF image files - again allowing for remote code execution if correctly exploited.
The third flaw allowing for remote code execution lies, rather more seriously, in the WebKit engine for the browser itself: when presented with a maliciously-crafted FTP directory listing, the browser can overflow and - again - potentially execute arbitrary code.
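All three remote flaws share a root: a platform decoder trusting lengths and offsets read from an untrusted file (MP4 in CoreAudio, TIFF in ImageIO, an FTP listing in WebKit). A defender cannot patch the decoder, but a mail or web gateway can refuse obviously malformed containers before they reach it. The script below is an added example, not Apple's code and not a reproduction of the bugs the article describes (which it does not detail); it performs generic structural checks on TIFF and MP4 files, rejecting any whose IFD offsets or box sizes point outside the data, and runs against small sample files constructed inline rather than real malware.

```python
"""Structural pre-filter for TIFF and MP4 attachments (added example, not Apple's code).

Walks the container structure of a file and rejects anything whose offsets or
sizes point outside the data, so obviously malformed inputs never reach the
platform decoder (ImageIO/CoreAudio in the article). The checks are generic;
they do not reproduce the specific bugs Apple patched in iPhone OS 3.1.3.
"""
import struct

# Byte widths of the 12 TIFF 6.0 field types (BYTE, ASCII, SHORT, LONG, RATIONAL, ...).
TIFF_TYPE_SIZES = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 6: 1, 7: 1, 8: 2, 9: 4, 10: 8, 11: 4, 12: 8}


def check_tiff(data: bytes) -> list:
    """Return a list of structural problems in a TIFF file; an empty list means it passed."""
    problems = []
    if len(data) < 8:
        return ["file shorter than the 8-byte TIFF header"]
    order = {b"II": "<", b"MM": ">"}.get(data[:2])
    if order is None:
        return ["bad byte-order mark"]
    magic, ifd_off = struct.unpack(order + "HI", data[2:8])
    if magic != 42:
        problems.append("bad TIFF magic number")
    # The first IFD must lie inside the file with room for its entry count.
    if ifd_off < 8 or ifd_off + 2 > len(data):
        problems.append("first IFD offset %d outside file" % ifd_off)
        return problems
    (count,) = struct.unpack(order + "H", data[ifd_off:ifd_off + 2])
    ifd_end = ifd_off + 2 + 12 * count + 4  # entries plus the next-IFD pointer
    if ifd_end > len(data):
        problems.append("IFD claims %d entries but file is too short" % count)
        return problems
    for i in range(count):
        e = ifd_off + 2 + 12 * i
        tag, ftype, n = struct.unpack(order + "HHI", data[e:e + 8])
        size = TIFF_TYPE_SIZES.get(ftype)
        if size is None:
            problems.append("entry %d (tag %d): unknown field type %d" % (i, tag, ftype))
            continue
        total = size * n
        if total > 4:  # value does not fit inline, so the last 4 bytes are an offset
            (voff,) = struct.unpack(order + "I", data[e + 8:e + 12])
            if voff + total > len(data):
                problems.append("entry %d (tag %d): value at %d+%d outside file" % (i, tag, voff, total))
    return problems


def check_mp4(data: bytes) -> list:
    """Walk the top-level ISO base media (MP4) boxes and report sizes that don't fit the file."""
    problems = []
    pos = 0
    while pos < len(data):
        if len(data) - pos < 8:
            problems.append("trailing %d bytes at %d smaller than a box header" % (len(data) - pos, pos))
            break
        size, kind = struct.unpack(">I4s", data[pos:pos + 8])
        header = 8
        if size == 1:  # 64-bit 'largesize' follows the box type
            if len(data) - pos < 16:
                problems.append("box %r at %d: truncated largesize" % (kind, pos))
                break
            (size,) = struct.unpack(">Q", data[pos + 8:pos + 16])
            header = 16
        elif size == 0:  # size 0 means the box extends to the end of the file
            size = len(data) - pos
        if size < header:
            problems.append("box %r at %d: size %d smaller than its header" % (kind, pos, size))
            break
        if pos + size > len(data):
            problems.append("box %r at %d: size %d runs past end of file" % (kind, pos, size))
            break
        pos += size
    return problems


def classify(data: bytes) -> str:
    """Sniff the container type from its magic bytes rather than trusting the file extension."""
    if data[:4] in (b"II*\x00", b"MM\x00*"):
        return "tiff"
    if len(data) >= 12 and data[4:8] == b"ftyp":
        return "mp4"
    return "unknown"


def scan(data: bytes) -> tuple:
    """Return (container type, problems) for one attachment; unknown types are left to other filters."""
    kind = classify(data)
    if kind == "tiff":
        return kind, check_tiff(data)
    if kind == "mp4":
        return kind, check_mp4(data)
    return kind, []


# Constructed sample files (not real malware): a minimal valid TIFF and MP4, and
# counterparts whose offsets/sizes point far outside the data.
GOOD_TIFF = (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", 1)
             + struct.pack("<HHIHH", 256, 3, 1, 1, 0)        # ImageWidth = 1, value stored inline
             + struct.pack("<I", 0))                         # no further IFDs
BAD_TIFF = (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", 1)
            + struct.pack("<HHII", 273, 4, 100, 0xFFFFFF00)  # 100 LONGs at an absurd offset
            + struct.pack("<I", 0))
GOOD_MP4 = (struct.pack(">I", 20) + b"ftypisom" + b"\x00\x00\x00\x00" + b"isom"
            + struct.pack(">I", 0) + b"mdat" + b"\x00" * 4)  # size 0: runs to end of file
BAD_MP4 = (struct.pack(">I", 20) + b"ftypisom" + b"\x00\x00\x00\x00" + b"isom"
           + struct.pack(">I", 0xFFFFFFFF) + b"moov")        # claims ~4 GiB in a 28-byte file

if __name__ == "__main__":
    for name, blob in [("good.tif", GOOD_TIFF), ("bad.tif", BAD_TIFF),
                       ("good.mp4", GOOD_MP4), ("bad.mp4", BAD_MP4)]:
        print(name, scan(blob))
```

The checker deliberately stops at the container level: it never decodes pixels or audio, so it has no parsing surface of its own worth attacking, and a file it rejects would have been fed to the real decoder only because its extension looked harmless. It is a pre-filter, not a substitute for installing the update.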
With these three flaws representing serious security concerns - especially with the potential to have all your contacts, e-mails, and photos sent off to a third party, or your handset being made to silently call a premium-rate chat line without your knowledge - all iPhone users are advised to upgrade at their earliest convenience.
Are you pleased to see such major security flaws patched by Apple, or does it clash with the company's image of 'it just works'? Share your thoughts over in the forums.
17 Comments
For the people who claim Apple is unbreakable!
I bet there are more than there are in probably any version of windows.
no thanks. it's only a virus, according to Apple, windows users are used to it.
Apple are quite lax at fixing vulnerabilities and it will turn around and bite them on the butt one day, but the UNIX underpinnings of OSX are at the heart of its security - anything that can cause major damage to the system requires a password from the user before it can happen - installing software etc - so the onus is on the user to be careful. Windows users know this as UAC, but XP-tards didn't like the UAC in Vista and went back to the sieve they were using previously. Then when MS released Vista again with a new name and the ability to dumb down UAC, everyone was happy...because they could let all sorts of crud onto their system without being nagged about it.
As for the iphone, it is an enormously popular device that shares its OS with the ipod touch - another enormously popular device. It has an app store that is also enormously popular and most importantly an SDK so that code can be written for it - bugs and vulnerabilities are inevitable.
Apple made a name for itself for just this type of "security." as they gain market share and become a target they will find that it is not easy providing true security. ask Microsoft, they know. Microsoft has a more secure system because they have actually patched it when a hole was found. no one has looked for holes in a mac, so none of them have been patched.
Apple will rue the day they get enough market share to attract the attention of the botnets. They will eat their words. whether they do so graciously is yet to be seen.
+1
please be so generous to enlighten us with your enormous knowledge then?
windows has a more robust patching system than mac, because they have to. they are the target of just about everyone. mac has been criticized for years by the security sector for their slowness in releasing patches, and they almost never make a press release about it, or find ways to notify users. they are cutting their teeth with the iphone, and could learn a lot from microsoft on the issue. is microsoft's implementation perfect and without criticism? absolutely not, but it is superior to apples, as it has undergone "trial by fire."
linux has pretty good patch response time. . . if you spend the time to figure out what patches you need. that will depend entirely on what flavor and kernel revision you are running. the problem is you either need to spend the time to research it yourself, which can be a pain in the a$$, or hire a third party vendor to do it for you. linux licensing is cheaper than microsoft licensing (it is hard to beat free) but the costs are often made up with higher maintenance cost (primarily in the form of time invested), higher salaries for administrators and increased downtime. these issues are being resolved as it is more widely adopted, however, and it shows as more businesses adopt it for critical parts of their infrastructure.
there are certainly pros and cons to each system, but my vote for best overall patching system goes to microsoft for now. the linux community looks like they really want to start to challenge that title, but they are, as usual, not well coordinated in their efforts. apple seems to be in the middle of an identity crisis there, as starting a large scale and very public patching effort would somewhat contradict the image they have worked to build.
so far the responses from apple to all the attacks on the iphone have been rather unimpressive, and sometimes they seem to have a devil may care attitude towards fixing issues. "if you use it the way we tell you to that won't happen" is not the type of response i care to receive, but that may just be me.