The first worm targeting Apple's iPhone has been unleashed by an Australian hacker.

But the Ikee worm can infect only iPhones that have been modified or " jailbroken" to run unauthorised software and does not do anything malicious.

Ikee merely changes the infected iPhone's wallpaper to an image of singer Rick Astley and then seeks out other vulnerable iPhones to infect.

However, Ikee proves that jailbroken iPhones using the Unix SSH utility for connecting to the iPhone remotely over internet with the default password are vulnerable to hackers.

There is also a danger that the Ikee code could be modified to steal personal information, according to Graham Cluley, a technology consultant at security firm Sophos.

"Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm. Furthermore, a more malicious hacker could take the code written by Ikee and adapt it to have a more sinister payload," he said in a blog post.

The creator of Ikee has been identified as 21-year-old unemployed programmer Ashley Towns of Woologong, Australia.

Towns was tracked down by Joshua Davison, managing director of Australian ISP reseller JelTel, who published an interview with the worm's creator.

Towns claims he wanted to make the point that people should change default passwords and did not expect something that was supposed to be a "small prank" to get as far as it did.

"Jailbroken" iPod Touch devices using SSH with the default password are also vulnerable to infection by the Ikee worm or any other malware exploiting the vulnerability.

Davison has posted instructions on how to get rid of the Ikee worm and prevent future attacks that exploit the same vulnerability.

Such attacks are likely to increase, according to Cluley, as indicated by a Dutch hacker who used the vulnerability to hack iPhones and hold them hostage for €5 last week.

link - http://www.ComputerWeekly.com

Read more

Microsoft security updates cripple computers running Windows XP

Microsoft's monthly security updates for February have left Windows XP users unable to restart their computers, according to more than 100 people on a Microsoft support forum.

"I updated 11 Windows XP updates today and restarted my PC like it asked me to," said a user identified as "tansenroy".

"From then on, Windows cannot restart again. It is stopping at the blue screen with the following message: A problem has been detected and Windows has been shutdown to prevent damage to your computer."

The complaints started appearing after Microsoft released 13 security updates, but Microsoft forum moderator Kevin Hau said only one update was causing problems for XP.

"There is only one patch that requires uninstallation to resolve the blue screen issue. KB977165 is the patch in question, the other patches do not seem to cause the blue screen behaviour and do not need to be uninstalled," he said in a forum post.

Uninstalling the faulty patch will fix the problem, said Hau. Users should then follow the Microsoft guidance on how to protect their computers without installing the faulty update.

How to uninstall faulty XP patch

1. Boot from your Windows XP CD or DVD and start the recovery console

Once you are in the Repair Screen

2. Type this command: CHDIR $NtUninstallKB977165$\spuninst

3. Type this command: BATCH spuninst.txt

4. When complete, type this command: exit

link - http://www.ComputerWeekly.com

Read more