iOS Exploit Allows Apps To Run Unsigned Code
A security researcher has announced the discovery of a method for iOS apps to run unauthorized code on your iPhone, potentially giving malware some new tools for wreaking havoc on your smartphone. The formal announcement of the exploit will occur at SysCan next week, but for now we know at least the basics behind its operation; what’s going on, and should you be worried?
Researcher Charlie Miller discovered a way for other apps to trick iOS into giving them a memory region with those same special Nitro permissions. Once that’s ready, a malicious app could request code from a remote server, download it to your iPhone, and then have the unsigned, non-Apple-authorized code execute.
Miller wrote a demo app for his exploit, and had it approved and added to the App Store. Once Apple caught wind of his stunt, it pulled the app and terminated Miller’s development account.
Based on what we know of this attack vector, it doesn’t sound like too much cause for concern for the average user. That’s not saying the exploit isn’t potentially devastating, but thankfully it was discovered by an upstanding security researcher rather than by a black-hat hacker. It should be easier to screen for offenders now that Apple knows what it’s looking for, the company will presumably patch the memory permissions bug in a future iOS release, and Apple continues to pull problem apps from the App Store as it spots them.