≡ Menu

iPhone hack uses exploit to work

Metasploit Includes Exploit For iPhone 1.1.1- Using Same Vulnerability As Jailbreak:

“H D Moore published details on exploiting the iPhone today using the same vulnerability as the jailbreaks/unlockers. It takes advantage of a vulnerability in the libtiff library for processing TIFF image files.

The exploit is now in Metasploit, which means someone with only the technical skills of an ex-analyst can exploit you via email or a web page with a special image file.

Apple will hopefully patch this quickly. The bad news is that it will kill all current attempts to load custom applications on the iPhone, but since it’s now remotely exploitable the risk outweighs the reward.”

This also highlights the problem with using a well-known, desktop operating system in a phone: it’s a well-known environment for hackers and malware writers, and it will inherit any security holes which exist in the desktop version of your OS.

Comments on this entry are closed.