Security researcher Charlie Miller of Accuvant discovered a vulnerability in the Apple iOS software that enables him to use an app he placed in the iTunes App Store to download unsigned code from a remote Web server and run it on any iOS device. Apple has now pulled the app from the store after Miller discovered the vulnerability and demonstrated the way the bug works in a video released by the company. Noted Apple security expert Patrick Wardle discusses how cyber criminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.
Source: https://threatpost.com/demo-charlie-millers-ios-code-signing-bug-110811/75866/