|A flaw discovered by a German federal security agency has thrust iOS security into the spotlight.|
CUPERTINO, California ( TheStreet) -- Apple ( APPL) devices such as the iPhone and the iPad have earned a reputation for being much more secure than their Google ( GOOG) Android counterparts, although a new hole in the tech giant's iOS software is casting an unexpected security spotlight on the iPhone maker. Germany's Federal Office of Information Security has warned that an iOS security flaw could leave devices such as iPhones, iPads and the iPod Touch vulnerable to malicious software when users view PDFs. Versions of iOS up to and including 4.3.3. are at risk, according to the agency, which warned that other versions of the operating system could also be vulnerable.
Graham Cluley, senior technology consultant at security specialist Sophos told TheStreet that the flaw is particularly notable because it affects iPhones that have not been 'jailbroken' or freed from the app limitations imposed by Apple. "The only malware for iPhones so far has been for jailbroken iPhones -- there hasn't been any malware for non-jailbroken iPhones," he told TheStreet "Most people have felt fairly safe with their iPhones if they haven't tampered with them --
the new flaw is a big deal in so much as there's no official fix." The security hole certainly runs counter to popular opinion about Apple's operating system. Just last month, for example, security specialist Symantec ( SYMC) reported that iOS offers "full protection" against malware, compared to "little protection" on the Android OS. Symantec also highlighted the lack of malware targeting non-jailbroken iOS devices, noting Apple's tight controls over the device and its applications. This, it said, increases the likelihood of catching any shenanigan-doers. "Overall, Symantec considers iOS's security model to be well designed and thus far it has proven largely resistant to attack," added the security software maker. "There has been much more of a malware problem on Android than there has been on iPhone because Apple has much tighter control over its OS," explained Sophos' Cluley. "Historically, they have done much better in security, but that doesn't mean that they are not an attractive target." In its statement, Germany's Federal Office of Information Security said although no attacks have been observed as a result of the security flaw it's likely that bad guys are attempting to exploit the vulnerability. In a worst-case scenario, cyber criminals could access confidential information such as passwords, online banking data and emails, it said.
Despite the robust reputation of its gadgets, Apple is no stranger to the occasional security issue. Last year, for example, the same German agency warned of two "critical" vulnerabilities in iOS, which were quickly patched by Apple. The Silicon Valley heavyweight is already addressing the latest flaw, according to an Apple spokeswoman. "Apple takes security very seriously, we're aware of this reported issue and developing a fix that will be available to customers in an upcoming software update," she explained, in a statement. The company, however, has not said when this update will be available. The last couple of days have not been the easiest for Apple, which saw its attempt to stop online retail giant Amazon ( AMZN) using the phrase "App Store" nixed by a federal judge on Wednesday. U.S. District Judge Phyllis Hamilton wrote on Wednesday that Apple "has not established a likelihood of confusion" with Amazon's services for the iPhone maker to get an injunction. Apple shares nonetheless rose $4.37, or 1.24%, to $356.13 on Thursday, mirroring the broader advance in tech stocks that saw the Nasdaq gain 1.35%. --Written by James Rogers in New York. >To follow the writer on Twitter, go to http://twitter.com/jamesjrogers. >To submit a news tip, send an email to: email@example.com.