Software flaw could let hackers control Apple devices, says security expert

Hackers could access private data and erase information on iPhones and iPads

A flaw in Apple's iOS operating system could allow hackers to access private data, send messages or erase information on iPhones and iPads.

The warning comes from a report from security firm Kaspersky Lab's news service, Threatpost.

The report describes a test by Charlie Miller, a researcher at Accuvant Labs, which demonstrated the software flaw. Miller built an application called Instastock that was seemingly a stock-market information tool. However, the application is able to communicate with a server Miller controls, allowing him to send commands to the application and perform a number of illegal actions.

Applications available on Apple's official App Store are widely trusted as security checks have to be passed before they are made available. Although in the past, jail-breaking and third-party software has been used to bypass the platform's restrictions, Apple has always moved swiftly to patch these vulerabilities.

Miller apparently informed Apple of the vulnerability he discovered on 14 October and told Threatpost that he expects the company to fix the issue.

Ovum analyst Andy Kellett believes that businesses will be concerned, especially as bring your own device (BYOD) to work is becoming more common in the enterprise.

"This is a big issue because of bring your own device to work, and it will make enterprises take another look at how secure devices really are," said Kellett.

"BlackBerry has generally been the primary business choice for a device but employees are now tending to want to bring iPhones and iPads into the workplace as they are more fashionable.

"This will make enterprises aware that the iOS software could be susceptible to hackers and drive them away from the BYOD idea," he continued.

He does, however, believe that if Apple fix the issue and no other security problems come to light in the coming months, enterprises will take a closer look at BYOD, especially if it provides greater business opportunities.

According to Miller, the flaw will exist on any iOS device running version 4.3 or later.