All About Mobiles

Latest News, Reviews, How to's, Browsing tricks, Shopping Guide and More.

15 Nov 2014

Apple responds to iOS ‘Masque Attack’ threats.

10:15 pm By , , , , No comments

Once again, another iOS vulnerability has been reported that allow malicious software to be  installed in your iphone or ipad in place of an app without your knowledge.
mobilesandgadgetsng.blogspot.com
Mobiles and Gadgets groove
 This prompted the U.S. government to warn Apple gadget owners on Thursday to look out for hackers exploiting a newly discovered vulnerability in the mobile operating system (iOS). According to the report, the technique takes advantage of a security weakness that allows an untrusted app (with the same “bundle identifier” as that of a legitimate app) to replace the legitimate app on an affected device, while keeping all of the user’s data, the warning states. “This vulnerability exists because iOS does not enforce matching certificates for apps with the same bundle identifier.”
This “Masque Attack” was revealed earlier this week by the network security firm FireEye. In FireEye’s report,  this vulnerability has been identified in iOS 7.1.1, 7.1.2, 8.0, 8.1, and the 8.1.1 beta on both jailbroken and non-jailbroken devices. The government warns iOS users not to install apps from sources other than Apple’s official app store or their own organizations, among other precautions.
However, Apple has released a statement addressing this breach via a spokesperson to iMore: Below is an excerpt of Apple's statement to iMore:
"We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software," an Apple spokesperson told iMore. "We're not aware of any customers that have actually been affected by this attack. We encourage customers to only download from trusted sources like the App Store and to pay attention to any .warnings as they download apps. Enterprise users installing custom apps should install apps from their company's secure website."
Though Apple says it hasn't received any reports from users yet, there are reports in the media that thousands of users have fallen victim to this vulnerability.

0 Comments:

Post a Comment

comment to Help Us serve You Better