Miller and his partner Dion Blazakis took home $15,000 in cash and the hijacked iPhone 4.
If you update your iPhone today, the [MobileSafari] vulnerability is still there, but the exploit wonРІР‚в„ўt work. IРІР‚в„ўd have to bypass DEP and ASLR for this exploit to work.
Miller stated about the newest version of iOS and how it’s more protected:
Miller performed the hack on an iPhone running 4.2.1 and it will not work if you have upgraded to the current iOS 4.3.
Like the Safari hack , Miller’s attack stems from a vulnerability found in the Webkit engine that powers mobile Safari on the iPhone 4. Using the vulnerability, Miller was able to get into the phone’s Address Book and take all the info from it. The browser crashed initially, but when they reloaded it he was in and out with the contact info.
Charlie Miller has once again successfully hacked an product at the Pwn2Own competition. This year he has successfully hacked an 4 via Safari resulting in access to the Address Book.
iPhone 4 vulnerability could reveal your Address Book via Safari
iPhone 4 vulnerability could reveal your Address Book via Safari | Apple Headlines
Комментариев нет:
Отправить комментарий