Apple sees off malicious app threat in iOS 5.0.1

gallery

Apple has closed off a flaw in iOS that allowed apps to get around code-signing rules on the App Store.

Charlie Miller uncovered the vulnerability affecting iPhones, iPods and iPads earlier this week, showing how it was possible to load an app up on to Apple’s store and have it deploy malicious code.

His InstaStock app, which seemed to be a simple stock market application but actually watched over users and could steal data, managed to get on the App Store and exploit a bug in iOS.

A logic error existed in the mmap system call's checking of valid flag combinations. This issue may lead to a bypass of codesigning checks.

Miller was subsequently chucked off the iOS developer programme and the researcher claimed he was not to be allowed back for a year.

Apple has now released iOS 5.0.1, with a variety of fixes, including one covering up Miller’s discovery.

“A logic error existed in the mmap system call's checking of valid flag combinations. This issue may lead to a bypass of codesigning checks,” the Apple advisory read.

The update also included a fix for a software bug which was draining the battery of certain iPhones, according to reports. Apple promised a fix earlier this month after customers complained their iPhone 4S devices were losing power in just 12 hours. Overheating issues were also reported.

Apple has also fixed a flaw that allowed people to access data on the iPad 2 without having to enter a passcode.

“When a Smart Cover is opened while iPad 2 is confirming power off in the locked state, the iPad does not request a passcode,” Apple said. “This allows some access to the iPad, but data protected by Data Protection is inaccessible and apps cannot be launched.”

Email to a friend

Print this page