HD Moore takes iPhone exploits public

Vulnerability in TIFF image-rendering library shared by Safari, email and iTunes software.

Noted hacker HD Moore has publicly posted exploits that take advantage of a vulnerability in Apple's iPhone, the same flaw that's been used by others to unlock the smart phone so it will work on non-AT&T networks.

The vulnerability, which is in the TIFF image-rendering library shared by the iPhone's Safari browser and its e-mail program, as well as by the iTunes software, leaves the iPhone wide open to attack, said Moore, who posted a second, and more robust, exploit after debuting attack code early this week.

"This exploit is rock solid," Moore said in an interview. "It's very reliable, as reliable as the WMF [Windows Metafile] exploits in Windows. You can send it in an e-mail, you can embed it in a Web page."

Although the vulnerability is the same as the one leveraged by hackers such as the iPhone Dev Team to return unlock capabilities to iPhones updated to Firmware 1.1.1 last month, Moore said that's the only similarity between his work and the activities of unlockers. "I wanted an exploit that would write any arbitrary payload" to the iPhone, rather than the specialized changes made for an unlocking hack, Moore said.

He claimed success. "The second exploit works on 1.0, 1.0.1, 1.0.2 and 1.1.1 iPhones," he said, referring to the four versions of the phone's firmware released since the device's June debut.

Although he expects Apple to plug the TIFF vulnerability in the next iPhone update -- a move that many interested in unlocking the iPhone have also predicted and bemoaned -- Moore also said it wouldn't matter. Citing the history of the vulnerability, which was also present in the Sony PlayStation Portable (PSP), he said attackers will be able to exploit the flaw in the future, even if Apple fixes it.

"All they'll need to do is back port the firmware to an earlier version that's vulnerable," said Moore. "Apple has to leave a way to restore an iPhone back [to previous versions of the firmware]."

The same technique was used to hack the Sony PSP after Sony issued an update that patched the TIFF vulnerability on that video game player.

In notes posted to customers of its DeepSight threat management network, Symantec warned iPhone users of Moore's exploits and recommended they use caution when browsing the Web, handling unsolicited e-mail and dealing with suspicious or unexpected music files.

But Ollie Whitehouse, a software architect with Symantec's security response team, downplayed the iPhone's apparent insecurity. "The iPhone isn't any different from other mobile platforms," he argued. "It's only the interest from the security research community that makes it seem different."

Moore disagreed. "I think the iPhone is pretty terrible," he said, referring to its level of security. "It's an easy platform to exploit." That's true in part, he explained, because exploiting any iPhone application gives root access to the entire phone. But other security weaknesses abound, including ones in the Safari browser and in the underlying operating system -- a scaled-back version of Mac OS X -- that runs the device, he added.

Moore has added the exploits to Metasploit, the popular penetration framework, a move that in the past has meant in-the-wild attacks are not far behind. He predicted that malicious code exploiting the TIFF vulnerability would be on the loose "pretty soon."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?