New iPhone Vulnerability with Remote Attack discovered

A new report says that iPhones are vulnerable to a new remote attack. We’ve known that the iPhone allows settings configuration files to be installed over-the-air through Safari.

iPhones currently provide some provisioning protocols that allow certificates to be installed on a device, but there's apparently a problem with the process. Hackers have found a way to make the configuration file report back as “Verified”, creating a false certificate that claims it is installing a security update from “Apple Computer”.

Of course, the download is not from Apple, so it could be used to trick an iPhone user into installing a malicious update, allowing hackers to control your iPhone, wreaking havoc on WiFi settings and locking you out of email, Safari and other iPhone applications!

From threatpost:
The chain of vulnerabilities and the attack was outlined in an anonymous blog post on the iPhone flaws on Friday. Charlie Miller, an Apple security researcher at Independent Security Evaluators, said that the attack works, although it would not lead to remote code execution on the iPhone.

"It definitely works. I downloaded the file and ran it and it worked," Miller said. "The only thing is that it warns you that the file will change your phone, but it also says that the certificate is from Apple and it's been verified."

The problems start with the fact that the iPhone signs its own credentials using a certificate signed by Apple when it is requesting a configuration file from a remote server during the provisioning process. The only way to establish the validity of the Apple certificate is to verify each of the certificates that leads to the Apple root certificate authority, and that can only be done by getting the data from a jailbroken iPhone.
Let’s hope Apple will fix the problem in the near future. In the meantime, we have a tip to keep you safe: Avoid hitting the “Install” button if you see a screen like the one in the screenshot above, especially if you don't have explicit knowledge of what is going on.