WebKit vulnerability


Apple Patches Kernel, Passcode Lock and WebKit Flaws in iOS 6.0.1

A little more than a month out from the release of iOS 6, which in addition to new functionality addressed almost 200 security vulnerabilities, Apple pushed out iOS 6.0.1 yesterday that repaired four new critical security issues.The most serious seems to be a kernel flaw discovered by researcher Mark Dowd of Azimuth Security and Eric Monti of Square that affects iPhone 3GS and later, as well iPod Touch and iPad2 and later. An attacker exploiting the vulnerability could essentially bypass address space randomization layout (ASLR) protections using a malicious application, and could determine addresses in the kernel, Apple’s advisory said.

As iPhone 5 Launches, Hackers Explain Journey to Working Exploit on iOS 6

With tens of thousands camped in line today waiting for the Apple iPhone 5, hackers have already had their hands on the core iOS 6 operating system for some time. Two Dutch hackers managed to successfully beat Apple’s sturdy protections in place, and this week at the EUSecWest conference in Amsterdam presented the first successful hack of a patched iPhone 4S with an exploit that will also work against the new device.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.