News

How bad is iPhone security?

Cliff Saran

Apple has released 45 patches to fix security flaws in its iPhone smartphone and iPod Touch handheld computer. The patches fix problems with buffer overflow issues, cross-site scripting and security protocols.

The patches have also been incorporated into iPhone OS 3.0, the new version of Apple's smartphone operating system.

The advisory notice on Cert, stated that iPhone OS 3.0 addresses "multiple vulnerabilities across many packages". According to the notice on Cert, exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.

Apple has put together an article covering the flaws, many of which affect the image processing engine. One of the flaws could be exploited by a hacker to send a virus embedded in a PDF document to an iPod Touch or iPhone. Another involves users who connect to a malicious Exchange server, which Apple said may lead to the disclosure of sensitive information. Apple said its implementation of IPSec may cause a denial of service on the iPhone and iPod Touch.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy