Technological News Portal

Charlie Miller – iOS 4.3.1 Does Not Fix Pwn2Own iPhone Exploit

Charlie Miller, who won Pwn2Own 2011 contest by exploiting iPhone 4 security, confirmed through a recent tweet that the iOS 4.3.1 update released yesterday does not fix the Pwn2Own exploit.

Here’s what he has tweeted.

From the tweet:

iOS 4.3.1 does not fix the pwn2own bug. It’s weird they fixed it in the next os x update after the contest, but not the next iPhone update.

More time for the bad guys to get their bindiff->iPhone exploit workflow going.

The attack simply required that the target iPhone surfs to a rigged web site. On first attempt at the drive-by exploit, the iPhone browser crashed but once it was relaunched, Miller was able to hijack the entire address book.

It’s unclear why Apple didn’t fix the widely publicized exploit.

Thanks

[ttjad keyword=”iphone”]

You might also like
Why Not Join 250,000+ Readers, Like You!
AND GET OUR LATEST CONTENT IN YOUR INBOX

SUBSCRIBE 
Your information will never be shared
close-link