How bad is iPhone security?


How bad is iPhone security?

Cliff Saran

Apple has released 45 patches to fix security flaws in its iPhone smartphone and iPod Touch handheld computer. The patches fix problems with buffer overflow issues, cross-site scripting and security protocols.

The patches have also been incorporated into iPhone OS 3.0, the new version of Apple's smartphone operating system.

The advisory notice on Cert, stated that iPhone OS 3.0 addresses "multiple vulnerabilities across many packages". According to the notice on Cert, exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.

Apple has put together an article covering the flaws, many of which affect the image processing engine. One of the flaws could be exploited by a hacker to send a virus embedded in a PDF document to an iPod Touch or iPhone. Another involves users who connect to a malicious Exchange server, which Apple said may lead to the disclosure of sensitive information. Apple said its implementation of IPSec may cause a denial of service on the iPhone and iPod Touch.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy