What's new

Massive iPhone Malware Vulnerability is Fixed by iOS 9

dgstorm

Editor in Chief
Joined
Jul 27, 2011
Messages
911
Reaction score
328
AppleLock.jpg

Apple's latest OS for the iPhone, iOS 9, will start rolling out to devices later on today (if it hasn't started already), and it could be described as "none too soon." Besides the usual new features and performance improvements, iOS 9 will also fix a huge security vulnerability which allows malware apps to be installed on an iPhone.

This vulnerability will even let a third-party gain control of a user’s iPhone. Scary stuff! Here's a quote with more of the details,

To initiate the attack, all a hacker has to do is to send a file via AirPlay to an iOS or OS X user running iOS 7 or later, and Yosemite, respectively. It doesn’t even matter if the recipient accepts the incoming transfer, as the malware attack is initiated.

The hacker would then have to wait patiently for the user to reset the iPhone or Mac for any reason so that the malware app can be installed. How can a non-App Store app be installed that easily you ask? Well, the hacker would use an Apple certificate to sign it, fooling the OS into believing it’s a genuine piece of software – the kind that enterprises would release to their fleet of Apple devices.

Luckily the crafty Apple engineers have fixed it with this release and the vulnerability is about to disappear. In the mean-time, to bypass the vulnerability, simply turn off AirDrop when you aren't using it. In the thread below we included a video demonstration of the vulnerability.

Source: BGR
 
Here's a video demonstration of the bug:

 
Scary stuff....Thank goodness for the fix.
 
Sounds like a security hole for jailbreaking 8.4.1
 
Top