Apple readies fix for iPhone browser security hole
Apple readies fix for iPhone browser security hole.. I knew that were going to respond pretty quickly on this ...
Source Cnet News :
August 4, 2010
Apple says that it has a fix for the browser security flaw discovered earlier this week on its iOS-powered devices.
After the iPhone Dev Team released the latest jailbreak software hack for the iPhone over the weekend, it became apparent that the way the jailbreak worked--via an iPhone's mobile Safari browser--that the phone has a security vulnerability when it comes to the way it loads PDF files from the Web.
On Wednesday an Apple spokeswoman said in a statement, "We're aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update."
Apple declined to say when the update would be pushed out.
There are two distinct vulnerabilities in the iPhone uncovered with the jailbreak software's release, principal analyst Charlie Miller of Independent Security Evaluators told CNET Tuesday. One flaw is in the way the browser parses PDF files, enabling the code to get inside a protective sandbox, and the other hole allows code to break out of the sandbox and get root, or control, privileges on the device.
The security flaw is so serious that the German government issued an official warning to citizens about it on Wednesday and said it was investigating.
Apple declined to comment on Germany's Federal Office for Information Security's statement.
Apple readies fix for iPhone browser security hole | Circuit Breaker - CNET News