The CEO of the company specialized in computer security called CrowdStrike, George Kurts, says that discovered a new browser exploit for iOS, Android and the new BlackBerry terminals and with its help any malware can gain total control over a smartphone. He claims that Windows Phone terminals are not affected by this exploit, but the rest of the devices can be exploited without too many problems. The exploit will be presented for all devices at the RSA 2012 conference that will take place tomorrow in San Francisco.
A significant vulnerability affecting all versions of the Webkit mobile browser could give malware complete control of your phone. The malware could listen in on your conversations, view through your camera and record everything in your email and messages. It can also track your locations at the time. George Kurtz, CEO of the new security company CrowdStrike, said that he'll demonstrate how the vulnerability works at a presentation at RSA tomorrow. According to Kurtz, the new vulnerability affects all Android, iOS and newer BlackBerry devices. It does not affect devices running Microsoft Windows Phone 7. Kurtz said this means virtually every smartphone and tablet in use globally shares this vulnerability.
Practically, his exploit would be excellent for the development of a userland jailbreak solution for iOS because it would give the Dev Team/Chronic Dev Team the opportunity to offer us an untethered jailbreak for iOS 5.1 without using an exploit that they already have have. Tomorrow's presentation should not give the audience clues about the exploited vulnerability, and if George Kurtz does not publish the source on which he exploits the operating systems, then Apple or Google will have no way to fix their operating systems.
