A bug discovered in Apple’s iOS could give hackers remote control over iPhones, iPads and iPod Touch devices.
The security flaw in Apple’s iOS operating system came to light as website JailbreakMe released code that Apple customers can use to jailbreak their phones, in order to run apps or use a network not approved by Apple.
Security experts warned that hackers could download that code, reverse engineer it to identify a hole in iOS security and build a piece of malicious software within a few days.
If you are a malicious attacker, it is fairly doable
“If you are a malicious attacker, it is fairly doable,” said Patrik Runald, a senior researcher with the internet security firm Websense.
Apple has yet to release an update to iOS that protects customers against malicious software that exploits the flaw.
Apple spokeswoman Trudy Muller said the company was aware of the problem. “We are developing a fix that will be available to customers in an upcoming software update,” Muller said.
Apple has long been vocal against jailbreaking, which if done voids the warranty on its devices.
iOS vulnerability
Hackers can exploit the iOS vulnerability by creating a malicious PDF document file. It would infect Apple devices when users attempt to open that document, according to Runald.
Once the device is infected, hackers could “do anything they want,” Runald said. That includes stealing passwords, documents and emails.
Comex, a 19-year-old hacker who developed the jailbreaking tool, said that Apple might be able to patch the software before criminal hackers develop software that exploits the bug.
Last time he put out a version of his jailbreaking software, Apple was able to issue a patch before anybody exploited it for malicious purposes.
He said that Apple might not be able to move quickly enough this time. “It’s not that hard to reverse engineer,” he said.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
