While Apple constantly works to improve the security of its devices, hackers are always looking for new ways to crack the security systems found in the iPhone, iPad, Mac, and other devices. Earlier this year, an exploit found in Apple’s WebKit (which is the Safari engine) allowed hackers to extract login information from iOS devices.
Researchers at security firm FireEye are highlighting an exploit that abuses iOS’s multitasking architecture, enabling a nefarious (or exploited) app to record user touch events, Home Button presses and other events even whilst the app is backgrounded. It has always been theoretically possible for apps to record touch events whilst foregrounded, as the app needs access to the touch input to respond to user events. However, FireEye are demonstrating that this is possible even when the iOS app is not frontmost.
A working exploit for Sophos 8.0.6 on Mac is available, however the
techniques used in the exploit easily transfer to Windows and Linux,
due to multiple critical implementation flaws described in the paper.
Testcases for the other flaws described in the paper are available on
request.
Sophos responded with a post on the multiple vulnerabilities, in which it said over and over that “Sophos has seen no evidence of this vulnerability being exploited in the wild.” But is that really good enough? How about issuing a fix in the two-plus months that they’ve known about these issues? It only takes one wild exploit.
Sophos gave 9to5Mac the following comment:
Some were fixed last month, and for others we started rolling out patches to our users today. :-)
Users of Sophos products should be automatically updated, but if anyone wants to be sure they can initiate a manual update.
@comex, a member of the Dev-Team, has been working hard on an iPad 2 jailbreak since the device was released. The jailbreak will use another PDF exploit via jailbreakme.com and support iOS 4.2.1-4.3.3. Last night, however, one of the jailbreak beta testers leaked the exploit online. This version of the JailbreakMe 3.0 exploit has not been confirmed by the Dev-Team or @comex himself. Many users have reported that this exploit only works with Wi-Fi-only iPads, and have reported issues with Safari crashing. (Sounds wonderful!)
We must reiterate that this jailbreak has not been confirmed by the Dev-Team to be working or even safe. Several pieces of iPad 2 jailbreak-related malware have been distributed recently, so proceed with caution if you must attempt to use this leak. Hopefully we will hear from the Dev-Team or even receive an official iPad 2 jailbreak soon.