- Joined
- Jun 18, 2010
- Messages
- 4,891
- Reaction score
- 1,050
No sooner has iOS 4.3 been released than AppleInsider reports that a new security hole has been discovered in the Safari browser. The breach was actually exposed at the Pwn2Own hacking contest last week, by researcher Charlie Miller, who won the iPhone part of the competition with the Safari hack. Miller has since announced via Twitter that he had informed Apple of the vulnerability, and that Apple would be patching it soon. The competitions rules actually prevent Miller and hacking colleague Dion Blazakis from revealing the details of the exploit to the general public, but they are allowed to tell Apple.
According to AppleInsider, the latest iOS has a hole which can be exploited to bypass Address Space Layout Randomization (ASLR), which is one of the new security features that Apple has incorporated in iOS 4.3.
Apple has yet to comment officially on the Safari security vulnerability, but its likely theyll be acting swiftly to patch it up.
Source: AppleInsider | Apple expected to release iOS 4.3.1 'soon' to patch Safari vulnerability
Thanks to Hookbill for the heads-up on this story.
