Home / iPhone / iOS 4.3.1 Does Not Fix Pwn2Own iPhone Exploit

iOS 4.3.1 Does Not Fix Pwn2Own iPhone Exploit

The iOS 4.3.1 update released yesterday does not fix the Pwn2Own exploit discovered by Charlie Miller.

iOS 4.3.1 does not fix the pwn2own bug. It’s weird they fixed it in the next os x update after the contest, but not the next iPhone update.

More time for the bad guys to get their bindiff->iPhone exploit workflow going.

The attack simply required that the target iPhone surfs to a rigged web site. On first attempt at the drive-by exploit, the iPhone browser crashed but once it was relaunched, Miller was able to hijack the entire address book.

It’s unclear why Apple didn’t fix the widely publicized exploit.

Read More

Download Full Version

About BigDot

why join the navy if you can be pirate!

Leave a Reply