Latest in Iphone

Image credit:

Safari exploit used to gain control of iPhone at Pwn2Own

Share
Tweet
Share
Save

Sponsored Links

A team of Dutch researchers used a WebKit vulnerability in Mobile Safari to gain access to a fully patched iPhone 4S during a recent mobile Pwn2Own challenge. The attack circumvented Apple's code-signing requirements and grabbed the entire address book, photo and video database and web browsing history. It could not download SMS or emails from the device because those databases were not accessible and also encrypted.

Though it was executed against an iPhone 4S with iOS 5, the vulnerability is also present in iOS 6. The Dutch team, led by Joost Pol of Certified Secure and colleague Daan Keuper, tested the exploit in the gold master version of iOS 6. They also confirmed it worked on all previous versions of the iPhone, iPad and iPod touch. Unless an update to iOS 6 happens before launch day, it will also be possible on an iPhone 5.

From detection to completed code, the exploit took about three weeks to develop and refine. You can read more about the exploit and Dutch research team on ZDnet's website.

In this article: iPhone, iPhone 4S, Iphone4s, Pwn2Own, Safari
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
Airbnb plans to go public in 2020

Airbnb plans to go public in 2020

View
French court rules Steam games must be able to be resold

French court rules Steam games must be able to be resold

View
‘Terminator: Resistance’ will pit you against Skynet this December

‘Terminator: Resistance’ will pit you against Skynet this December

View
‘Apex Legends’ Season 3 launches with a new hero on October 1st

‘Apex Legends’ Season 3 launches with a new hero on October 1st

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr