Two Dutch security researchers from Certified Secure, were able to bypass the security of an iPhone 4S and hijack the address book, photos, videos and browsing history of a fully patched iPhone mobile device. Certified Secure delivers a wide variety of online challenges, video’s, tools and training but the two researchers worked on the exploit in their free time for three whole weeks! The exploit used single 0-day vulnerability in WebKit to overcome Apple’s code signing requirements. According to the researchers “It was a basic vulnerability but we had to chain a lot of things together to write the exploit,” and that “We specifically chose this one because it was present in iOS 6 which means the new iPhone coming out today will be vulnerable to this attack,”
Read more here – http://www.zdnet.com/mobile-pwn2own-iphone-4s-hacked-by-dutch-team-7000004498/