Security research group Cryptopath has discovered a vulnerability in the way the iPhone OS handles authentication certificates that could enable potential attackers to gain access to user data. To take advantage of this flaw, an attacker would have to trick users into downloading a malicious file under the guise of a legitimate update. While there are no reports of this security flaw currently being exploited in the wild, be extra careful when opening unverified links or files until an official security update is released. follow link
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.
- ExtraBITS for 8 February 2010 (08 Feb 10)
Stay Alert for iPhone Phishing Attacks