New iPhone Security Vulnerability Discovered in PDF Viewer

iOS was largely spared the lashes Android received last week at Black Hat and Defcon, and it got good marks for security in a Forrester report yesterday. But today, Gizmodo reports a new vulnerability in iOS: Apple's custom PDF reader. Malicious code can be hidden in fonts that automatically load when a user opens a PDF file, allowing a hacker to take control of the device.

Someone in the comments of the Gizmodo post writes "All of a sudden, a wallpaper application in the Android Marketplace that collects your phone number doesn't seem so bad, does it?", echoing All Things Digital's headline "How's Apple's Walled Garden Look Now?. It's a sobering reminder that those app gardeners aren't omniscient. (For example, there was a security flaw in Citi's iPhone app recently).

Read more...