Live: Pixel Event Pixel Watch Fire TV vs. Frame TV Hellraiser Review Audible Deal Prime Day Pizza Deals Best Sheets
Want CNET to notify you of price drops and the latest stories?
No, thank you

Metasploit adds iPhone/iPod Touch hacks

Exploits are released based on a recent TIFF image-rendering flaw.

As reported in ComputerWorld, security researcher H.D. Moore has included several iPhone and iPod Touch exploits in the latest Metasploit tool. The free tool is used by professional pen-testers and criminal hackers alike. The new exploits take advantage of a flaw in the TIFF image-rendering library and are similar to flaws used by the iPhone Dev Team.

"This exploit is rock solid. It's very reliable, as reliable as the WMF [Windows Metafile] exploits in Windows. You can send it in an e-mail; you can embed it in a Web page," Moore told ComputerWorld.

Even if Apple fixes the flaw, which it is expected to do soon, Moore says that criminals can still exploit it by rolling the firmware back to a prepatched version. A Trojan in 2005 used a similar firmware rollback on the Sony PlayStation Portable.

Moore has previously written in his blog how any successful hack on a iPhone will give the attacker root access to the entire phone. In the past, adding exploits to Metaploit has been a shortcut to the wild attacks.