In association with heise online

16 September 2008, 10:45

iPhone update closes critical security holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Firmware update 2.1 for Apple's iPhone closes a number of security holes, some of which are critical. The vendor says that attackers can exploit vulnerabilities to get around security restrictions in the application sandbox. This allows them to modify the DNS cache, limit the functionality of the device, and execute arbitrary malicious code. In short, you are in danger if you install untrustworthy applications or surf the net with older firmware. The developers have also closed the hole in the passcode lock.

Users are therefore advised to install the update immediately. Even those using a cracked iPhone in combination with Mac OS X should not wait. As the iPhone Dev Blog reports, PwnageTool 2.1 and QuickPwn 1.1 now support the new firmware. Unfortunately, so far the Windows tools do not. Windows users therefore currently face a tough decision – stop using the iPhone or accept the risks.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit