vulnerability posts

iPhone OS 3.0.1 update released, fixes SMS vulnerability


Looks like Apple pulled the trigger on patching that nasty iPhone SMS vulnerability a little earlier than we expected -- the iPhone OS 3.0.1 update just hit iTunes. It's not some lightweight, either: you're looking at 280MB of love here, so get downloading, friends.

[Thanks to everyone who sent this in]

SMS vulnerability on iPhone to be revealed today, still isn't patched

Remember that alleged SMS-based security hole on the iPhone allowing evil-doers to execute arbitrary code and do all sorts of nasty crap like create an army of mobile zombies ready and willing to execute a DoS attack? The guy who found it, security expert Charlie Miller, said that he'd reveal the details of it at Black Hat -- and Black Hat's this week. Sure enough, Miller and his cohorts plan to unleash details of the hack today, and while they claim they informed Apple of the problem over a month ago, Cupertino's yet to make a move. We'd stop short of suggesting iPhone owners all turn off their handsets and take themselves firmly off the grid and into a completely disconnected underground bunker the moment the attack becomes public, but if it's as serious as Miller claims, it definitely bumps up the pressure on Apple to get a fix out on the double -- preferably before 3.1 drops.

Oh, by the way: July 14, 2009

Here's some of the other stuff that happened in the wide world of mobile for Tuesday, July 14th, 2009:
  • Windows Mobile 6.5 Standard -- yes, Standard, not Professional -- has been spied on video running on an HTC S710. What does it look like? Pretty much the same as 6.1 with a few tweaks.
  • A security dude has discovered a Bluetooth "vulnerability" of sorts in HTC devices running Windows Mobile 6.0 and 6.1 that allows unfettered access to the phone's file system when file sharing is enabled, but here's the catch: you've got to pair with an untrusted phone for it to really be an issue, which might explain why HTC doesn't seem too concerned about it.
  • Prison directors from 26 states have come together to sign a petition asking for FCC permission to jam cellphone signals on their premises. Something tells us the CTIA isn't really cool with that. [Via Phone Scoop]
  • Remember that rebranded Mobinnova Ice hacked to run Android in Russia? Yeah, well, it's totally real, and mail.ru has a unit to prove it.
  • Canada's Koodo Mobile is now offering the LG 5500 flip for CAD $175 (about $154). The VGA camera isn't going to inspire any deep romantic love, but the lack of a contract just might. [Via MobileSyrup]

Apple patching nasty iPhone SMS vulnerability


Given the hype surrounding Apple's iPhone, we're actually surprised that we haven't seen more holes to plug over the years. In fact, the last major iPhone exploit to take the world by storm happened right around this time two years ago, and now -- thanks to OS X security expert Charlie Miller -- we're seeing yet another come to light. Over at the SyScan conference in Singapore, Mr. Miller disclosed a hole that would let attackers "run software code on the phone that is sent by SMS over a mobile operator's network in order to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet." Charlie's planning to detail the vulnerability in full at the upcoming Black Hat conference, but Apple's hoping to have it all patched up by the end of this month.

[Via HotHardware]

Security experts hating on Android browser until patch is released


Software vulnerabilities are no stranger to modern, highly-connected smartphones and feature phones alike, and fortunately, the big guys have been pretty good about staying on the ball and patching the serious stuff in a reasonable amount of time. The latest problem discovered in the Android browser's multimedia subsystem really sucks, though -- it's so bad, some security dudes are advising customers to "avoid" using it altogether until it gets fixed -- and the most frustrating part about it is that it actually is fixed in the Android code trunk, it's just that no one's bothered to roll out an update to G1 users yet. In the meantime, the dude who discovered the problem is advising users to only visit trusted sites and avoid WiFi, so yeah, just don't browse or anything, okay?

[Via ReadWriteWeb]

Evil WAP Push messages can reboot some Sony Ericsson handsets?


Some modern phones do a pretty good job of rebooting at random on their own without additional assistance from miscreants, but unfortunately, the real world is filled with people who'd like to make your gadgets just a little bit buggier than they already are. Enter this nifty little vulnerability recently discovered to affect a good number of Sony Ericsson models, involving a specially crafted WAP Push message carried via SMS that'll instantly restart the phone. That's not the best part, though -- in theory, an attacker could send you a string of these bad boys that would get queued up by your carrier, so the second the phone comes back online, it gets the next message and restarts once again -- potentially leading to a long, painful spell without a usable handset. Apparently, there isn't any known fix for this, so if you're carrying one of the affected models, just stay on the good side of any evil-doers you happen to know for now, okay? Follow the break for a video of the restarts in action (we understand the outgoing calls are just to demonstrate that the attack can be initiated at any time, though we can't say for sure).

Epic Android bug interprets your typing as system commands

The philosophy goes something like this: the great thing about Linux is that it's secure, and the great thing about open-source software is that it's thoroughly and constantly vetted for robustness. So to that end, Android should be pretty rock solid, right? Perhaps, but the overwhelming enormity of this particular bug definitely gives us pause. It turns out that G1 firmware revisions RC29 and earlier literally interpret everything you type as command-line operations, so if you happen across a legit command, it's going to get executed -- with superuser permissions, no less. No, seriously. Just go to the messaging app, the browser, or anywhere else a text box is convenient, type "reboot," press the enter key, and watch magic happen. We've tested this on two G1s, both with RC29 firmware, and have gotten this to consistently work on one of the two, so your mileage may vary -- but either way, this needed to get patched on the double. Fortunately, Google's been quick about it, rolling a fix into the RC30 build that's being rapidly pushed to users as we speak, but man... how did that get through?

Safari exploit gives hackers full control over iPhones and possibly PCs and Macs

Oops, researchers just unveiled a pretty serious security vulnerability in the iPhone. More specifically, it's Apple's Safari web browser which exhibits the vulnerability. Researchers at Independent Security Evaluators have used the vulnerability to take malicious control of the iPhone from rogue websites loaded with the exploit. Once in, researchers have full administrative access over the phone, allowing them to listen in on room audio or snatch the SMS log, address book, call history, email passwords and more -- we're talking full access to your phone. Researchers note that the only way to stay safe is to check those URLs and only visit sites that you trust (which isn't very reassuring), and that it "may or may not be exploitable" from Mac and PC versions of Safari -- the same vulnerability exists, only they haven't written the proof-of-concept exploit to test it yet. Apple has been notified of the vulnerability and a proposed fix, with full public disclosure coming at the BlackHat conference on August 2nd. You listening, InfoSec Sellout? That's how you report a bug. Check the exploit in video form after the break.

[Via MacRumors]

MMS exploit targets Windows Mobile 2003

What's scarier than a text message luring you into getting your PC all hosed up with virii? An MMS message that somehow manages to do the infection honors all by its lonesome, that's what. Details are now emerging on what appears to be the world's first proof of concept for an MMS virus, exploiting a weakness in the way Windows Mobile 2003 handles SMIL (Synchronized Multimedia Integration Language) to cause a buffer overflow -- which in turn leads to the dreaded "arbitrary code execution." The fella responsible for the exploit apparently gave Microsoft the heads-up a solid six months ago; when he never heard back, he went public with it in a big way at Berlin's Chaos Communication Congress. The good news (if you can call it that) is that it's only been tested on the i-mate PDA2K and HP iPaq h6315, both of which are approaching the tail ends of their useful shelf lives. No word on whether the vulnerability applies to (or can be easily adapted to) Windows Mobile 2005, but somehow, "we hope not" simply doesn't properly express our sentiments.

[Via El Reg]



