The security breach apparently affects iPhone Mail and Safari running on firmware 1.1.4 and 2.0. However, earlier versions may also be vulnerable.
To avoid being spoofed, Raff recommends that users manually input URLs into iPhone's Safari browser and avoid clicking on Mail links until Apple releases a fix.
Apple has acknowledged the gaping hole in its iPhone Mail application and launched an investigation into Safari's alleged vulnerability to forged URLs. µ
iPhone vulnerable to hack attacks
By Aharon Etengoff on Jul 24, 2008 4:20PM