Slashdot Mirror

← Back to Stories (view on slashdot.org)

MDM Vulnerability In Apple iOS Sandbox Facilitates 'Rogue Apps'

Posted by Soulskill on from the that's-the-one-with-the-lion-right? dept.

An anonymous reader writes: A vulnerability in Apple's iOS sandbox, which could affect personal information as well as configuration settings, has been discovered by Appthority's Enterprise Mobility Threat Team. It affects all mobile device management (MDM) clients, and any mobile applications distributed by an MDM that use the "Managed App Configuration" setting for private data. An attacker could potentially create a rogue app, perhaps masquerading as a productivity tool to increase the chances of it getting installed, and then distribute the attack by means of the iTunes store or "spear fishing" email attacks.

1 of 13 comments (clear)

  1. Re: Has been fixed in iOS 8.4.1 by valkraider · · Score: 1, Offtopic

    While ï£Music is a steaming pile of poo - and ï£Music certainly has raised havoc with my personal music library - I would say that " They flat-out break the device in order to push Apple's streaming music service." is not even close to true. I have 6 devices functioning perfectly fine on 8.4.1 (for everything except playing music via Apple's apps).