Apple security whiz Charlie Miller has discovered a method that may enable attackers to run shellcode on the latest version of the Apple iPhone, something that researchers previously thought to be impossible. In a presentation at Black Hat Europe this week, Miller discussed his findings, but said that in order to get the shellcode working, an attacker would still need an exploit.
From the Computerworld report:
Miller said he’s found a way to trick the iPhone into running code that enables shellcode. To run shellcode, however, an attacker would first need a working exploit for an iPhone, or a way to target some software vulnerability in, for example, the Safari Web browser or the mobile’s operating system. Miller said he doesn’t have one now.
But if someone did, “this would allow you to run whatever code you want,” Miller said in an interview after his presentation.
Read the full article here.