Experts warn against iPhone security flaw
London: A hole in Apple`s iOS for iPhone, iPad and iPod could make the devices vulnerable to remote attackers, warned security firms.
Symantec said that it could be exploited by remote attackers to take complete control of a vulnerable device.
Experts said that the threat, at present, only exists on paper but Apple should issue a fix before it becomes a reality.
Apple said that the company was aware of the report and was investigating.
The problem lies in the way Apple``s Mobile Safari handles Adobe Acrobat PDF documents.
As the browser automatically opens PDF files, a hacker could embed malicious code into this file.
Graham Cluley, a computer security expert with Sophos, said that the exploit used the same principle as Jailbreakme—a utility that lets iPhone 4 owners run non-Apple approved applications—although it uses the exploit in a benign way.
"It uses the same tricks as you do when jailbreaking," the BBC quoted Cluley as saying.
"We always thought that Apple`s Mobile Safari would be the main vulnerability. At present, we have yet to see any of these exploits out in the wild, but it is only a matter of time," he warned.
However, in an ironic twist, the only way of preventing Mobile Safari from automatically opening PDF files is by jailbreaking a phone and installing an application, called PDF Loading Warner, which then asks for permission every time the browser tries to open a PDF file.
US authorities declared it was legal for users to jailbreak their phones.
"I personally wouldn`t want to jailbreak my phone to get the fix," said Cluley.
"Right now, its all eyes on Apple who we hope are going to fix this problem as soon as possible. Historically, Apple have been slow to fix problems on their Mobile browser.
"This has been a concern of ours in the past and continues to be," he added.
Apple is yet to release a patch that would either prevent Jailbreak from working or close the highlighted security flaw.
More from India
More from World
More from Sports
More from Entertaiment
- Does govt want to hike rail ticket in the name of subsidy?
- Does govt want to hike rail ticket in the name of subsidy? Part II
- Does govt want to hike rail ticket in the name of subsidy? Part III
- Does govt want to hike rail ticket in the name of subsidy? Part IV
- Panel discussion over India's bid for NSG
- ISRO tells industry to enhance capacity to meet demand
- BJP dares Bihar government to ban VHP meet as Tejaswi Yadav threatens action against Pravin Togadia
- Brexit: Remain or Leave? Results could go down to the wire
- US Presidential Elections: Donald Trump will not ask donors to repay nearly $50 million in campaign loans
- 78 dead, 500 hurt by storms in eastern China