Apple rightly deserves much of its reputation as the go-to stop for idiot-proof security. Sure, it’s not perfect, but between its locked-down app ecosystem and the speed at which it can get updates out to users, it’s generally on top of things. We’ll be keeping a close eye to see how the company reacts to news of a brand new iOS exploit, which has the potential to let hackers get at some of your personal files.
The attack was demonstrated on an iPhone 4S running iOS 5.1.1, but the team behind the exploit claim that it had also been working on the iOS 6 beta releases, and there’s a good chance that today’s official launch of iOS 6 is vulnerable as well. It doesn’t appear to be very hardware-dependent, and even iPads can be made victim.
The problem is with WebKit, letting attackers develop a malicious website that, when visited through Safari, is able to side-step Apple’s protections and get around Safari’s security protocols.
The full nature of the attack isn’t yet clear, including if it allows straight-up unsigned code execution, but we do know that it’s capable of gaining access to photographs, address book data, and your browsing history, as stored on your iPhone or iPad.
Expect Apple to come out with a quick iOS 6 update as soon as it manages to get its head around this new exploit.