Skip to navigation

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.

Latest News

Security hole leaves iPhone users vulnerable

 
Gallery

Posted on 24 Jul 2008 at 11:45

A security vulnerability could leave iPhone users open to malicious phishing attacks by allowing spammers to spoof URLs sent within emails.

The flaw affects the iPhone Mail application and Safari browser running on versions of 1.1.4 and 2.0 of the iPhone software, claims security researcher Aviv Raff.

The flaw enables spammers to create a link which appears to point at a reputable site, but which in fact can lead to any third party site.

"By creating a specially crafted URL, and sending it via an email, an attacker can convince the user that the spoofed URL, showed in the mail application, is from a trusted domain," explains Raff on his personal blog.

Apple has acknowledged the flaw in the Mail application he claims, but is still investigating the issue with Safari.

"Until a fix is available, I suggest to avoid clicking on links in the Mail application which refers to trusted web sites. Instead, a user should enter the URL of the website manually in the Safari application," warns Raff, claiming that technical details of the vulnerability will be withheld until a patch is released to the public.

Author: Matthew Sparkes

Be the first to comment this article

You need to Login or Register to comment.

(optional)

advertisement

Latest Blog Posts Subscribe to our RSS Feeds
Latest Reviews Subscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

Create an account

advertisement


Hitwise Top 10 Website 2008