-
Text size
According to Radware, version 1.4.x of the iPhone's firmware is open to a denial of service (DoS) attack that causes the handset's memory allocation pool to overflow and allow remote access.
"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern," said Itzik Kotler, Radware's security operation centre manager, commenting on the security loophole.
To exploit the vulnerability, the hackers must first get an iPhone user to open an HTML page which contains a JavaScript routine. From there, says Radware, the process is automated.
So far it's unclear what mischief the hackers can get up with remote access to an iPhone, but most reports say that the flaw is little more than a nuisance, causing the handset to crash...
