According to IT Pro the Apple iPhone is vulnerable to Denial of Service attacks. These can occur when an iPhone user opens a JavaScript containing HTML page which triggers the vulnerability. An application Denial of Service attack can then crash the Safari browser on the phone, and quite possibly the iPhone itself.

The vulnerability actually lies with the Safari web browser that is used within the latest version 1.1.4 of the Apple iPhone software, and has been uncovered by integrated application delivery solutions outfit Radware which funnily enough is also offering a solution in the form of its own Security Update Service.

Radware warn that the vulnerability, which obviously has to have a user visiting an 'infected' web page using the iPhone in order to trigger the DoS attack, could be driven by a social engineering exploit using either email or SMS text messaging. The browser is vulnerable due to a design flaw that may be triggered by a series of memory allocation operations on the dynamic memory pool, according to Radware. This in turn can trigger a bug in the garbage collector, and the security hole is currently unpatched.

"While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern" says the Security Operation Centre Manager at Radware, Itzik Kotler who continues "hackers continue to misappropriate other people's software and their job is made easier by design flaws embedded into software products".

249 Views
About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

I don't know why people are suffering with unlocking and all the blah blah with apple iphone.

I have a Pocket PC, I used a iphone theme (http://www.iphonethemeforpocketpc.com/) and everything worked like a magic to me. Now I'm having the iphone experience in my Pocket PC.