French authorities and experts warned on July 26 that hackers could gain control of iPhones and other gadgets made by US tech giant Apple through the Internet, plundering users' data and tapping their calls.
"Two vulnerabilities have been discovered" in Apple's operating system for the iPhone, iPad tablet computer and iPod music player, the French government computer security agency CERTA said on its website.
Apple did not immediately respond when asked to comment on the alert, which was issued by CERTA following a warning by experts at the computer security firm Vupen Securities.
One of the soft spots is caused by a glitch triggered when a user views data in PDF-formatted documents, they said.
Hackers could lure web users on their Apple devices onto special websites where they could exploit the PDF glitch to gain access to the device remotely, said Vupen's chief executive Chaouki Bekrar.
A second soft spot involves a data error in one of the devices' components which could allow hackers to increase their control once they have gained access to the device, he said.
The two glitches combined could allow a hacker "to access all of the information" on the device, including contacts, e-mail messages, documents and functions such as the camera, microphone and GPS navigation, CERTA said.
CERTA said the problems affected iPhones running versions 3.1.2 to 4.0.1 of Apple's operating system, iPads with versions 3.2 to 3.2.1 and iPod touch devices with version 3.1.2 to 4.0.
"Pending corrective measures by Apple, great care is recommended while opening PDF files," for example by only opening files from known senders, the government watchdog warned.
Apple devices "are generally very secure," but "are becoming a popular target for hackers," who could tap users' telephone conversations or send messages from their mailboxes, Bekrar said.
He said the glitches were brought to light by the online service Jailbreakme which allows owners of the gadgets to download applications other than the ones sold by Apple in its official App Store.
No comments:
Post a Comment