Apple's yearly developer conference should see iOS 8, OS X 10.10, and likely some hardware.
Apple to Patch Latest Jailbreak Hole in Upcoming Software Update
Earlier this week, the browser-based JailbreakMe.com solution went live once again, bringing a simple new method to jailbreak a number of iOS devices including the iPad 2. The tool has proven popular, with over one million users already having taken advantage of it.
Similar to earlier browser-based jailbreak mechanisms, the latest version takes advantage of a flaw in the way Safari handles PDF files, a vulnerability that could also be exploited by malicious parties. Consequently, it had been expected that Apple would move relatively quickly to patch the hole once it was revealed by the jailbreak procedure.
According to the Associated Press, Apple has indeed confirmed that it will be patching the hole in a future software update, but declined to provide a timeframe for the release of the update.
Fully aware of the potential implications of malware authors exploiting the hole, the jailbreak community has already developed a fix for the issue, which was released into the Cydia Store for jailbroken devices alongside the new technique. Users who have jailbroken their devices, even through the new JailbreakMe.com technique, can thus patch the vulnerability, while non-jailbroken devices will have to wait for Apple's solution to be released.
Similar to earlier browser-based jailbreak mechanisms, the latest version takes advantage of a flaw in the way Safari handles PDF files, a vulnerability that could also be exploited by malicious parties. Consequently, it had been expected that Apple would move relatively quickly to patch the hole once it was revealed by the jailbreak procedure.
According to the Associated Press, Apple has indeed confirmed that it will be patching the hole in a future software update, but declined to provide a timeframe for the release of the update.
Apple Inc. spokeswoman Bethan Lloyd said Thursday the company is "aware of this reported issue and developing a fix that will be available to customers in an upcoming software update."Apple's statement comes after Germany's information technology security agency issued an explicit warning about the "critical weaknesses" in iOS that could result in malware being deployed through infected PDF files.
She declined to specify when the update would be available.
Fully aware of the potential implications of malware authors exploiting the hole, the jailbreak community has already developed a fix for the issue, which was released into the Cydia Store for jailbroken devices alongside the new technique. Users who have jailbroken their devices, even through the new JailbreakMe.com technique, can thus patch the vulnerability, while non-jailbroken devices will have to wait for Apple's solution to be released.
[ 82 comments ]
Top Rated Comments
(View all)
36 months ago
Jailbroke my iPad 2 today, worked too damn well... then I looked around in Cydia and couldn't find anything I wanted that wasn't already coming for free in iOS 5... Guess I'll wait for 4.3.4 to get rid of the jailbreak and Cydia...
36 months ago
My jailbreak lasted a day, didn't see the point to be honest, from the fuss over it.
36 months ago
I love how apple calls this a "fix"
You do understand that jailbreaks work because they take advantage of a security vulnerability SO HUGE that they can actually rewrite parts of the device operating system, install entire apps that sidestep the normal install process, hack all kinds of system settings...
You don't consider that the tiniest bit dangerous? You'd rather Apple just leave it out there? Surely nobody would ever exploit such a vulnerability for evil, because hackers are all looking out for our best interests, right?
36 months ago
I'm all for jailbreakers and jailbreaking. Done it myself a few times.
Does this not put people who choose to not jailbreak into a potential security risk until Apple patches the now exposed security hole? Malicious code writers are now aware of a hole that millions of iOS devices have and the users are powerless to close it unless they choose to jailbreak and install the patch from Cydia.
Just sayin'
Does this not put people who choose to not jailbreak into a potential security risk until Apple patches the now exposed security hole? Malicious code writers are now aware of a hole that millions of iOS devices have and the users are powerless to close it unless they choose to jailbreak and install the patch from Cydia.
Just sayin'
36 months ago
This is getting a bit silly.
Apple should just release their own jailbreak option for iOS.
-Choose to jailbreak and you are on your own & good luck to you. Stick with Apple's oversight and they will cover you. Your choice.
Apple should just release their own jailbreak option for iOS.
-Choose to jailbreak and you are on your own & good luck to you. Stick with Apple's oversight and they will cover you. Your choice.
36 months ago
Apple can work fast when patching stupid JB holes, but we're still stuck with buggy-as-hell beta 2 for iOS 5 after a month.
Where the hell is beta 3, Apple?????
No beta 3 yet for ios 5?
This is it! I am leaving Apple for good.
Where would we all be if Apple released things on their schedule.
This is an outrage. How dare they!
In case you were serious:
May I suggest you contact Apple and PLEASE let them know that your time schedule is of the utmost importance and urgency?
36 months ago
I've always found it amusing how people get all defensive about how super-secure Apple iOS products are -- the same people who get super-excited about jailbreaking their devices, and who get upset when Apple fixes the vulnerability and disables the jailbreak. Yes, let's take advantage of a gaping security flaw, and boo on Apple for fixing it!
Edit: Case in point, the post right below me... what, you don't want this gaping security flaw fixed?
Edit: Case in point, the post right below me... what, you don't want this gaping security flaw fixed?
[ Read All Comments ]
Samsung and Globalfoundries announced yesterday that the two companies will adopt the same chip production process as they upgrade their manufacturing facilities in preparation for the next...
Apple, Google and two other large technology companies should not be allowed to block evidence in an upcoming trial involving their participation in "no solicitation" agreements that date...
Former Apple CEO John Sculley states that he now regrets his decision to remove Steve Jobs from the company in 1985 and that the move to force the co-founder out was a "mistake," according to...
Beginning tomorrow, Radio Shack will be selling the 16GB iPhone 5s for $99 with two-year contract on AT&T, Verizon and Sprint. This is $100 off the standard $199 price and one of the...
Yahoo today updated its Flickr photo sharing app to version 3.0, introducing a major design overhaul that revamps the look and feel of the app. Aiming to make capturing and editing photos easier, the...
Popular Photoshop alternative Pixelmator today announced that it is planning to introduce a new Repair Tool in an upcoming 3.2 "Sandstone" update, allowing users to remove dust, blemishes,...
Last week we posted renderings of what the iPhone 6 might look like based on leaked design drawings of the unreleased device. Since that time, we've seen early cases and possible design molds...
Blizzard Entertainment’s digital card trading game Hearthstone: Heroes of Warcraft for iPad is now available for download worldwide after soft-launching in Australia, Canada, and New Zealand in early...
