Android and iPhone exploits revealed in past week

Over the weekend, a new Web-based jailbreak became available for iOS devices, offering users a simple method to open their devices to installation of unauthorized third-party applications.  An error in the processing of Compact Font Format (CFF) data within PDF files can be exploited to execute arbitrary code e.g. when a user visits a specially crafted web page using Mobile Safari.

This is applicable to any iOS 4 device (all new iPhone 4s, iPads and any upgraded iPhone 3G and 3Gs).  On of the main features of iOS 4 was the SandBoxing approach to applications.  This exploit bypasses the SandBoxing by exploiting a third party app.  I have to say this doesn’t help Adobe’s popularity in Cupertino.

Time will tell if Apple will release a patch to iOS to resolve the issue or if Adobe will have to update their code.  For the time being, the best advice is to browse “safely” (if that’s really possible anymore) or just not browse at all.

The Andriod exploit has a completely different twist on it.  Spider Labs released a DVD at Defcon last week that provided a method to root the device.  Once the exploit is applied the Android device acts as a bot for the hacker who has full remote-control over the device providing access to all the user information on it.  What makes this more interesting is that Spider Labs is an ethical hacking team using this approach to incentivize manufacturer to provide  a fix to the issue more quickly.

“It wasn’t difficult to build,” said Nicholas Percoco, head of Spider Labs, who along with a colleague, released the tool at the Defcon hacker’s conference in Las Vegas on Friday.  Percoco said it took the team about two weeks to build the malicious software.

CNET reported that there were ten companies had data compromised.  The list included Pepsi, Coca-Cola, Apple, and Google amongst others.  All information was solicited through one phone call to an employee of the company.

************** UPDATE Aug 5th **********************

CNET has posted that Apple has acknowledged the issue and already have a fix.  They did not mention when it would be released but a software update is imminent.

************** UPDATE Aug 11th *********************

Apple has released iOS 4.0.2 for iPhone and iTouch as well as iOS 3.2.2 for the iPad to address this vulnerability.  Of course the a side effect to addressing this vulnerability is that it now breaks the functionality of JailbreakMe 2.0.  Not that this should be a surprise.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s