Apple plugs remote-code execution flaws in iPhone

Powered by SC Magazine
 

Exchange issues, exposed passwords and much more.

Apple has plugged several security holes in its iPhone and iPod Touch OS, one of which could allow criminals to take over a vulnerable device by injecting and executing malicious code on the device if the victim visits a malicious website.

According to an Apple security advisory, the updated version of its mobile operating system (3.1 for iPhone and 3.1.1 for iPod Touch), fixes numerous holes that could open users to a variety of attacks, both remotely and by malicious users with physical access to a vulnerable device.

The most dangerous flaw (CVE-2009-1725) was present in all previous versions of the mobile OS and could "lead to an unexpected application termination or arbitrary code execution" if the user visits a maliciously crafted website. A similar flaw (CVE-2009-1724) could allow a cross-site scripting attack if the user visits a malicious website.

Phishing attacks could be enhanced by exploiting a vulnerability (CVE-2009-2199) that allows fraudsters to create copycat web sites in order to extract personal information from unsuspecting users.

According to the advisory, "The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain."

A buffer overflow error (CVE-2009-2206) opens users to remote code execution when the device opens a specially crafted MP3 or AAC file.

Users who connect to a Microsoft Exchange server via their iPhone or iPod Touch are also affected by a flaw labelled CVE-2009-2794. Apple warns that if the device falls into the wrong hands, it would be possible to access an exchange server even if the timeout period set by the Exchange administrator has expired.

According to Apple, once the timeout period has expired, users are required to re-enter their password. However, exploitation of the flaw creates "a window of time for a person with physical access to use the device, including Exchange services."

Other vulnerabilities include one that exposes hidden passwords (CVE-2009-2796), and one that allows access an iPhone even if it is locked (CVE-2009-2795). A flaw in MobileMail means emails that were deleted could still appear in a Spotlight search(CVE-2009-2207). Apple also fixed an issue that revealed usernames and passwords in URLs (CVE-2009-2797).

Apple was unavailable for comment.


Apple plugs remote-code execution flaws in iPhone
 
 
 
Top Stories
First look: Microsoft Outlook for iOS
[Update] Office productivity suite for iOS completed with Outlook.
 
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3112

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 994

Vote