IOS 4.3.1 Does Not Fix Pwn2Own Exploit

The iOS 4.3.1 update released yesterday does not fix the Pwn2Own exploit discovered by Charlie Miller.

iOS 4.3.1 does not fix the pwn2own bug. It's weird they fixed it in the next os x update after the contest, but not the next iPhone update.

More time for the bad guys to get their bindiff->iPhone exploit workflow going.

The attack simply required that the target iPhone surfs to a rigged web site. On first attempt at the drive-by exploit, the iPhone browser crashed but once it was relaunched, Miller was able to hijack the entire address book.

It's unclear why Apple didn't fix the widely publicized exploit.

Subscribe for Latest News