In the its widest-reaching round of iPhone security updates yet, Apple released 10 fixes on Thursday, correcting vulnerabilities in the popular mobile phone’s Safari browser, mail client and Bluetooth server.
Seven fixes affected Safari browser vulnerabilities. Of the remaining three Bluetooth-related updates, one fixed a “critical” flaw that could allow outsiders to eavesdrop on iPhone conversations.
Of the common vulnerability enumerations, Apple’s term for patches, Andrew Storms, director of network security for nCircle, said: “The Bluetooth bug is the most critical.” Apple added that an attacker could send maliciously crafted Service Discovery Protocol packets to an iPhone with Bluetooth enabled to run malicious code for intercepting the wireless conversation.
“Even though this is labeled as a remote exploit, due to the nature of Bluetooth, this is more of a walk-by attack than a drive-by attack,” Storms said via email. “The hacker would have to be within arm’s length to exploit it.”
Apple also closed a man-in-the-middle flaw in iPhone that impacts its mail capabilities when configured to use the Secure Socket Layer protocol. In this situation, an unpatched iPhone “does not warn the user when the identity of the mail server has changed or cannot be trusted and could lead to a man-in-the-middle attack,” according to Apple.
According to researchers at Lumension (formerly PatchLink), Apple’s updates have the potential to cause irreparable damage to iPhones that installed so-called “unlock code.” It is most often used to allow the iPhone to connect with a cellular service other than AT&T.
Damien Hogan, security analyst at Lumension, told SCMagazineUS.com that the vulnerabilities Apple fixed on Thursday could be exploited to download the unlock code onto an unsuspecting user’s iPhone. Such unauthorized modifications could not only make the phone unusable, they would also void Apple’s warranty, he said.
That could be a significant issue for users of unpatched iPhones whose devices have been co-opted by an unscrupulous third party, said Paul Zimski, senior director of marketing and product strategy at Lumension. Zimski said the risk of actual damage is low, and that he didn’t believe Apple had released tools that would let iPhone users determine whether their phones have been modified.