Apple fixing security flaw in iPhones, iPads after German IT firm warning

Apple fixing security flaw in iPhones, iPads after German IT firm warning

Summary: Apple is rushing to fix a security hole found in its iOS mobile software following a stern warning from a German IT security department.

SHARE:
47

Apple is rushing to fix a security hole found in its iOS mobile software following a stern warning from a German IT security department.

The Associated Press is reporting that Germany's Federal Office for Information Security found that flaw stems from clicking on an infected PDF file, which "is sufficient to infect the mobile device with malware without the user's knowledge." That opens the door for the user's passwords, emails, text messages, emails and almost anything else stored on the iPhone, iPad or iPod touch in question.

Apple's response:

Apple Inc. spokeswoman Bethan Lloyd said Thursday the company is "aware of this reported issue and developing a fix that will be available to customers in an upcoming software update."

Apparently this is damaging on "several versions" of iOS, but not all. The Guardian has cited specifics:

The problem may occur on iPhone 3GS, iPhone 4, iPad, iPad 2 and the iPod Touch with software versions including iOS 4.3.3, and it "cannot be excluded" that other iOS versions – including the iOS 5 due in September – have the same weakness, said the Bonn-based federal bureau.

The security gap was originally uncovered by a group of hackers trying to jailbreak an iPhone. Some third-parties who produce jailbreaking software have already posted patches. However, it appears that this problem, related to PDF files, is different from the recent zero-day font vulnerability found in JailbreakMe.com. That doesn't necessarily mean they are unrelated, but just different.

As ZDNet's Adrian Kingsley-Hughes reports, there is a debate over whether or not jailbroken iPhones and other iOS devices are actually safer or not. But a patch from Apple for this specific problem is still needed immediately.

All of this follows the recent discovery that Apple could also be a target of the AntiSec campaign, adding fuel to the theory that the Cupertino, Calif.-based company could be the "Holy Grail" for hackers.

Related:

Topics: Apple, iPhone, iPad, Mobility, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

47 comments
Log in or register to join the discussion
  • Re: Apple fixing security flaw in iPhones, iPads after German IT firm warni

    I'm not worried. Apple has told me that viruses are only a PC problem. ;)
    The one and only, Cylon Centurion
    • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

      @Cylon Centurion You're absolutely right. *sips koolaid*
      Imrhien
      • 54u53 pl0x

        @Imrhien
        Can someone gimme a link to the koolaid reference? I don't get it. I like koolaid and I'm not self-inflated.
        Z3R0D4Y
      • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

        @Yiu Korochko

        http://en.wikipedia.org/wiki/Drinking_the_Kool-Aid
        CowLauncher
    • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

      @Cylon Centurion
      Can you name 2 viruses for OSX in the wild ?
      Anthony E
      • ZDNet: fix your damned comment system

        @Anthony E
        Or even one.
        DeusXMachina
      • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

        @Anthony E
        One they will probally say 'Mac Defender (which isn't a virus) but 2 would require someone to actually search
        Anthony E
  • Re: Apple fixing security flaw in iPhones, iPads after German IT firm warni

    HAHA! Just like you can't get malware on a mac right?
    Nate_K
    • ZDNet: fix your damned comment system

      @Nate_K
      Who said that?
      DeusXMachina
  • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

    Interesting that the day the jailbreakme site come back up using this exploit all of a sudden Apple is working on a patch...LOL
    eye4bear
    • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

      @eye4bear Yes, responsiveness = hilarity (?!).
      spstanley
    • ZDNet: fix your damned comment system

      @eye4bear<br><br>Why do you post about stuff you know NOTHING about?!?<br>1) There is not an "exploit"<br>2) They did NOT use this bug, they merely found it<br>3) The bug WAS patched by the original hackers who found it.
      DeusXMachina
  • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

    Hmmmm... Apple is starting to sound a lot like, *gasp*, Microsoft!
    j28n
    • ZDNet: fix your damned comment system

      @j28n
      In what way, pray tell?
      DeusXMachina
  • What, no denials?

    Apple is not denying the issue, they are actually fixing it instead of telling technicians to pretend that there is no problem and that customers are on their own?<br><br>No, "....la, la, la, there is no malware, there is no problem, there is no issue, la, la, la..."?<br><br>Seriously?
    Raid6
    • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

      @Raid6
      Or wait for the monthly update.
      Wait 30 days for a fix, l like my updates ASAP.
      daikon
      • Knowing what you are talking about

        @daikon

        Monthly update?!? Apple security updates have NEVER been on a monthly schedule. WTF are you talking about?
        DeusXMachina
  • RE: Apple fixing security flaw in iPhones, iPads after German IT firm warning

    iOS:2, Windows:22

    Guess it'll be the 'Roids next week!
    Gr8Music
  • ROFLMAO!!!

    b b but... i thought they were impervious to any nasties???

    that's why it's ok for everyone to bring their iCrap to work and hook it up to work network?!

    This must be FUD
    SonofaSailor
    • ZDNet: fix your damned comment system

      @SonofaSailor
      You would know, FUDmeister
      DeusXMachina