Apple iPhone, iPad iOS 9 security flaw lets malicious apps sneak onto enterprise devices

Since iOS 9, Apple has raised the bar for trusting enterprise apps.

Image: Apple

Researchers at security firm CheckPoint have discovered a new way to attack iPhones and iPads using a twist on previous methods that rely on rogue enterprise developer certificates to install a malicious app.

Apple offers enterprise certificates to allow businesses to distribute apps outside the App Store and without undergoing Apple’s app-review process.

However, these certificates have been hijacked in the past for signing malicious apps. Before iOS 9, users attempting to install an enterprise app would only need to tap ‘Trust’ once to…

Read Story