bit-tech.net

iPhone patch fixes security holes

iPhone patch fixes security holes

Apple's latest firmware update for the iPhone and iPod touch addresses some pretty serious remotely exploitable security holes.

Apple has released the iPhone OS 3.1.3, which fixes a series of major security vulnerabilities in the mobile platform - and is a must-have for iPhone and iPod Touch users.

According to a Knowledge Base article on Apple's website - via ComputerActive - the latest patch for the OS fixes five flaws, three of which could result in the device being remotely cracked.

While one of the other vulnerabilities - a flaw in the in-built recovery mode functionality, which allows for a certain section of memory to be forcibly corrupted on receipt of a certain USB control message and allow full access to data on the iPhone or iPod Touch without needing the pass code - requires physical access to the handset to exploit, the other critical issues can be remotely exploited.

The first is an issue with the handling of maliciously crafted MP4 files in the software's CoreAudio libraries - initially thought to merely represent a crash risk, but later discovered to allow third-party code execution. The MP4 file can be either attached to an e-mail or included in a web page for download, and potentially allows for full remote access to the data on the handset.

The second major issue fixed by the update lies in the ImageIO libraries, which have a similar issue with parsing malicious TIFF image files - again allowing for remote code execution in correctly exploited.

The third flaw allowing for remote code execution lies, rather more seriously, in the WebKit engine for the browser itself: when presented with a maliciously-crafted FTP directory listing, the browser can overflow and - again - potentially execute arbitrary code.

With these three flaws representing serious security concerns - especially with the potential to have all your contacts, e-mails, and photos sent off to a third party, or your handset being made to silently call a premium-rate chat line without your knowledge - all iPhone users are advised to upgrade at their earliest convenience.

Are you pleased to see such major security flaws patched by Apple, or does it clash with the company's image of 'it just works?' Share your thoughts over in the forums.

17 Comments

Discuss in the forums Reply
kenco_uk 4th February 2010, 17:04 Quote
Balls. I've literally just installed cydia on mine :/
Farfalho 4th February 2010, 17:46 Quote
Snookied!

For the people who claim Apple is unbreakable!
dec 4th February 2010, 19:21 Quote
what about the iPad?
LucusLoC 4th February 2010, 19:50 Quote
hey, a mac product finally got enough market share to become a target! and now they are found to have vulnerabilities! honestly, who did not see this coming? (don't raise you hands mac fanatics, we already know about you)
DriftCarl 4th February 2010, 21:50 Quote
makes you wonder how many serious vulnerabilities are sitting there in OSX just waiting to eventually be found.
I bet there are more than there are in probably any version of windows.
wuyanxu 4th February 2010, 22:47 Quote
when there's no jailbreak for 3.1.3?

no thanks. it's only a virus, according to Apple, windows users are used to it.
B3CK 5th February 2010, 03:23 Quote
As long as their is money to be made, curious minds, or prestige to be gained, no OS will be perfect. I do think that apple should be applauded for fixing the problems, (golf clap). But should be sent up the flag pole for trying to lead un-informed and lazy people into a false sense of security.
dyzophoria 5th February 2010, 10:38 Quote
i love it when I hear stories like this only for the mere fact that my friends keep blasting to my face that their Apple devices are perfect, virus free pieces of s***. lol
gavomatic57 5th February 2010, 13:17 Quote
I'd love it if linux had OSX's market share and had the same 3rd party support, but at the moment buying a mac is a small price to pay to avoid having to use Windows 7. I'll keep Vista for gaming, but that's my last MS OS.

Apple are quite lax at fixing vulnerabilities and it will turn around and bite them on the butt one day, but the UNIX underpinnings of OSX are at the heart of its security - anything that can cause major damage to the system requires a password from the user before it can happen - installing software etc - so the onus is on the user to be careful. Windows users know this as UAC, but XP-tards didn't like the UAC in Vista and went back to the seive they were using previously. Then when MS released Vista again with a new name and the ability to dumb down UAC, everyone was happy...because they could let all sorts of crud onto their system without being nagged about it.

As for the iphone, it is an enormously popular device that shares its OS with the ipod touch - another enormously popular device. It has an app store that is also enormously popular and most importantly an SDK so that code can be written for it - bugs and vulnerabilities are inevitable.
LucusLoC 5th February 2010, 19:49 Quote
there are known exploits in every version of unix that can bypass root authentication. as many have said previously, here and elsewhere, no OS is perfect. an OS is "secure" only as long as it is not a target.

Apple made a name for itself for just this type of "security." as they gain market share and become a target they will find that it is not easy providing true security. ask Microsoft, they know. Microsoft has a more secure system because they have actually patched it when a hole was found. no one has looked for holes in a mac, so none of them have been patched.

Apple will rue the day they get enough market share to attract the attention of the botnets. They will eat their words. whether they do so graciously is yet to be seen.
Devolve 6th February 2010, 17:07 Quote
Quote:
Originally Posted by LucusLoC
there are known exploits in every version of unix that can bypass root authentication. as many have said previously, here and elsewhere, no OS is perfect. an OS is "secure" only as long as it is not a target.

Apple made a name for itself for just this type of "security." as they gain market share and become a target they will find that it is not easy providing true security. ask Microsoft, they know. Microsoft has a more secure system because they have actually patched it when a hole was found. no one has looked for holes in a mac, so none of them have been patched.

Apple will rue the day they get enough market share to attract the attention of the botnets. They will eat their words. whether they do so graciously is yet to be seen.

+1
Fod 8th February 2010, 00:22 Quote
wow. the amount of ignorance on display in this thread is astonishing.
alpaca 8th February 2010, 02:05 Quote
Quote:
Originally Posted by Fod
wow. the amount of ignorance on display in this thread is astonishing.

please be so generous to enlighten us with your enormous knowlegde then?
Fod 8th February 2010, 08:17 Quote
Honestly? It would be wasted and cause a flame war. I'll stick to being content with sounding like a know-it-all elitist.
LucusLoC 8th February 2010, 09:59 Quote
oh no, i insist. i would love to hear what you have to say on the matter. if you make a grand sweeping statement like that you really should back it up.
Fod 8th February 2010, 10:10 Quote
Sigh. No, you know what? You're all right. I apologise, I was wrong. Apple are an evil selfish company who only release patches when it fits their public image agenda. Linux is the best thing since God himself, and Windows and iPhones are for retards.
LucusLoC 8th February 2010, 18:44 Quote
i think you are taking it a little too personally.

windows has a more robust patching system than mac, because they have to. they are the target of just about everyone. mac has been criticized for years by the security sector for their slowness in releasing patches, and they almost never make a press release about it, or find ways to notify users. they are cutting their teeth with the iphone, and could learn a lot from microsoft on the issue. is microsoft's implementation perfect and without criticism? absolutely not, but it is superior to apples, as it has undergone "trial by fire."

linux has pretty good patch response time. . . if you spend the time to figure out what patches you need. that will depend entirely on what flavor and kernel revision you are running. the problem is you either need to spend the time to research it yourself, which can be a pain in the a$$, or hire a third party vendor to do it for you. linux licensing is cheaper than microsoft licensing (it is hard to beet free) but the costs are often made up with higher maintenance cost (primarily in the form of time invested), higher salaries for administrators and increased downtime. these issues are being resolved as it is more widely adopted, however, and it shows as more businesses adopt it for critical parts of their infrastructure.

their are certainly pros and cons to each system, but my vote for best over all patching system goes to microsoft for now. the linux community looks like they really want to start to challenge that title, but they are, as usual, not well coordinated in their efforts. apple seems to be in the middle of an identity crisis there, as starting a large scale and very public patching effort would somewhat contradict the image the have worked to build.

so far the responses from apple to all the attacks on the iphone have been rather unimpressive, and sometimes they seem to have a devil may care attitude towards fixing issues. "if you use it the way we tell you to that wont happen" is not the type of response i care to receive, but that may just be me.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums