Software Fix for iOS PDF-Handling Vulnerability Awaiting Release
CNET reports that Apple has developed a software fix for the iOS security hole exploited to enable a Web-based jailbreak over the weekend, and that the fix will be deployed in an upcoming software update.
On Wednesday an Apple spokeswoman said in a statement, "We're aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update."
Apple declined to say when the update would be pushed out.
There are two distinct vulnerabilities in the iPhone uncovered with the jailbreak software's release, principal analyst Charlie Miller of Independent Security Evaluators told CNET Tuesday. One flaw is in the way the browser parses PDF files, enabling the code to get inside a protective sandbox, and the other hole allows code to break out of the sandbox and get root, or control, privileges on the device.
While the vulnerability was exploited to offer users a simple method to jailbreak their iOS devices in this case, it could easily be used as an entry point for the execution of malicious code.Top Rated Comments
(View all)
Apple is quick! :D I wonder when they will release it?
My take it is out before the end of the month. Anything that puts native code at the kernal level is nipped in the butt quick.
Sounds good, but Apple needs to change the way they do iOS software updates. No matter how small the changes are, users have to download the entire +350MB OS. This is very inefficient and probably discourages a lot of users from updating. Apple needs to do incremental updates.
I think updates fixing the holes that allow jailbreaking is the main reason people don't update.
I think most people jailbreak to unlock anyways to use on other carriers besides AT&T. I bet AT&T pushes Apple to avoid that from happening.
Good job Apple.
so, basically, no more jailbreaking this way....right?
Not for another 3 years, maybe.
Sounds good, but Apple needs to change the way they do iOS software updates. No matter how small the changes are, users have to download the entire +350MB OS. This is very inefficient and probably discourages a lot of users from updating. Apple needs to do incremental updates.
50K anti-jailbreak fix!
Don't see why Apple really cares :rolleyes:. There would be a lot less iPhones to replace/repair since jail-breaking voids the warranty.
I think most people jailbreak to unlock anyways to use on other carriers besides AT&T. I bet AT&T pushes Apple to avoid that from happening.
Only true if it breaks something which software restore cannot fix.
[ Read All Comments ]
Analytics firm Chitika today released a report showing that by its metrics iOS has now surpassed OS X in overall web traffic share in the United States. Chitika's methodology involves an analysis...
One of the most frequent reasons for an iPhone to go on a trip to the Apple Store's Genius Bar is because of water damage. Typically, a water damaged iPhone can be replaced for a flat $199...
TheVerge's Joshua Topolsky summarizes the iPad 3 casing findings reported earlier today, but also adds his own sources regarding some details of the iPad 3.
Image from RepairLabs
As...
Last July, Apple discontinued the white MacBook from its consumer lineup, pushing consumers toward the company's popular MacBook Air line or the 13-inch MacBook Pro. The company didn't kill...
Popular iPhone Twitter client Tweetbot has finally arrived on the iPad, with a user interface instantly familiar to any current Tweetbot user. Designed for the Twitter power-user, Tweetbot packs a...
