Skip to main content

Apple iOS updates fix jailbreakme PDF vuln

posted onJuly 16, 2011
by l33tdawg

After last week's report from the German government regarding PDF-related security vulnerabilities in MobileSafari, Apple has stepped up: The company on Friday released updates for all iOS devices that fix the problem. The updates are recommended for all users of Apple's mobile devices.

Though they both fix the same three vulnerabilities, the patch comes in two versions, thanks to the different flavors of the iPhone 4. iOS 4.3.4 applies to the iPad and iPad 2, the third- and fourth-generation iPod Touch, the iPhone 3G S, and the iPhone 4 (GSM model); users of the CDMA model of the iPhone 4 instead get iOS 4.2.9.

The issues addressed in the updates include the aforementioned PDF problem within Apple's CoreGraphics framework, which exploits FreeType's TrueType and Type 1 fonts to execute malicious code, and a conversion problem within the IOMobileFrameBuffer framework, which could allow code to inadvertently gain system privileges by posing as the user. The PDF-related exploits were also being used in the latest jailbreak method for iOS devices, a process that could be accomplished via the jailbreakme.com website; Apple's patch reportedly now disables that method.

Source

Tags

Security Apple iOS

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th