1. OCAU Merchandise is available! Check out our 20th Anniversary Mugs, Classic Logo Shirts and much more! Discussion in this thread.
    Dismiss Notice

Masque vulnerability

Discussion in 'Apple iOS (OS & Devices)' started by Agg, Nov 12, 2014.

  1. Agg

    Agg Lord of the Pings

    Joined:
    Jun 16, 2001
    Messages:
    33,662
    Location:
    A Reported Post Near You
    There's a new iOS vulnerability, nicknamed "Masque". This in-house app may display an arbitrary title (like “New Flappy Bird”) that lures the user to install it, but the app can replace another genuine app after installation. All apps can be replaced except iOS preinstalled apps, such as Mobile Safari. This vulnerability exists because iOS doesn't enforce matching certificates for apps with the same bundle identifier. We verified this vulnerability on iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta, for both jailbroken and non-jailbroken devices.
     

Share This Page

Advertisement: