The exploit was made using a bug found in WebKit, in just “three weeks.” According to Joost Pol, one of the researchers at Certified Secure, the exploit code can be embedded anywhere on the website, stating that “We could embed the code in advertisements on news sites for example.”
The exploit will be sent to Apple directly so that a fix can be issued by them. However, it should be noted that the security flaw was found in WebKit, an open source engine framework used in both Apple’s Safari and Google’s Chrome browsers, and that Apple isn’t squarely at fault.
“You know, people think that these things are so hard to do, that it’s only theoretical and that it’s only Charlie Miller or Willem Pinckaers (previous Pwn2Own winners) capable of doing this. There are many people — good and bad — who can do this. It’s important for people to understand, especially businesses, that mobile devices should never be used for important work,” Pol told ZDnet.
The hacked iPhone 4S was running iOS 5.1.1 as well as the Developer Build of iOS 6, which means that the iPhone 5 is also susceptible to this exploit. Additionally this exploit also works on iPads as well.
The two researchers Joost Pol and Daan Keuper won $30,000 for the hack at the Mobile Pwn2Own competition.
Provided By:
Comments
Post a Comment
Your Comment are very important For us.Kindly Report Dead or Broken link.
Write your Request and Suggestions For us.
if You Have a blog or website and want to exchange the link.write ur email here.
....Thankyou....