Apple Inc. (AAPL) said the company is working to fix security flaws highlighted by the German Federal Office for Information Security (GFOIS) this week. The agency said “critical weaknesses” in Apple’s iOS allows software viruses to infiltrate the mobile operating system when users open PDF files via email and the security hole puts users at risk who simply visit a website that has infected PDF files.
The GFOIS stated that the flaw exposes users of the iPhone, iPad and iPod Touch to personal data theft and that clicking on an infected PDF file while using the iOS “is sufficient to infect the mobile device with malware without the user’s knowledge.”
The agency claims that users who visit sites with infected PDFs run the risk of outsiders gaining administrator access on their device, opening all user information and provides the ability of third parties to listen to private conversations.
The security issues are specific to iOS 4.3.3 but the GFOIS said that other iOS versions “cannot be excluded.” The agency has advised users to avoid PDFs where the origin isn’t known when using iOS, either through email or a website.
The agency admitted that attacks from the flaw are yet to be reported but said, “it must be expected that attackers will soon exploit the weak points.” The same agency exposed an Apple security gaffe last year, which the company subsequently issued a software patch to correct.
The GFOIS said it informed Apple of the problem before it went public with the information. Cupertino, Calif.-based Apple has yet to say how long it will take to fix the issue.
“Apple takes security very seriously, we’re aware of this reported issue and developing a fix that will be available to customers in an upcoming software update,” the company stated.
In other Apple news, federal district judge Phyllis Hamilton denied the company’s request for a preliminary injunction against Amazon.com Inc. (AMZN) for use of the term “App Store.”
The Oakland, Calif.-based court told Apple that it didn’t sufficiently prove that using the same term as Apple confused customers. Amazon’s Appstore launched in March as a venue for Google Inc.’s (GOOG) Android platform. Mountain View, Calif.-based Google argued that the words “App Store” are generic, and that consumers cannot be confused since Apple’s service sells programs only for Apple devices.
The denial of Apple’s preliminary injunction means that the case will go on, and is scheduled to be heard in October 2012.
Meanwhile, following the ruling on the request, both stores will remain open.
Would you like all your dreams to come true? Follow Marc Speir on twitter @truthorcon.
Apple fixing mobile security issues, denied injunction against Amazon
ABOUT AUTHOR