Three security firms released a new report indicating that hackers could exploit a software vulnerability in the Apple iPhone and iPad so that they could fully control both devices.
Symantec, Vupen and Lookout announced the Apple iOS flaw that gives hackers full control of an iPhone, iPad or iPod Touch. Apple said it is aware of the problem and its software developers are trying to resolve the issue.
There are no confirmed reports of hackers successfully hijacking an Apple device using the flaw — but security experts are concerned because Apple has been so slow to try and respond to the issue.
Security is a growing problem Apple faces now that its iOS has become a popular target for hackers. Many iPhone users carry a large amount of information on their phones, so a successful exploit could allow criminals to reap the rewards of easily accessible personal information.
Specifically, Apple product owners are at risk if they use Mobile Safari on the iOS device and open a malicious PDF hosted on a website. The flaw allows hackers to take control of the device by capitalizing on a memory corruption error related to PDF processing.
Any iPhones, iPads and iPods running iOS versions 3 or 4 are at risks, researchers note, though there are some basic rules users should follow.
Since Apple hasn’t released an official fix, users are urged to pay attention to the attachments and websites they click on. Users are advised not to click on links from unknown senders, along with watching out for suspect PDFs in e-mail attachments.
Apple has long prided itself on providing a more secure OS than Windows, but they have had to deal with a recent increase in OS attacks as the iOS platform becomes more popular. Similar to Microsoft, Apple is now being criticized for a slow response to publicly revealed security flaws.