Software Fix for iOS PDF-Handling Vulnerability Awaiting Release
CNET reports that Apple has developed a software fix for the
iOS security hole exploited to enable a
Web-based jailbreak over the weekend, and that the fix will be deployed in an upcoming software update.
On Wednesday an Apple spokeswoman said in a statement, "We're aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update."
Apple declined to say when the update would be pushed out.
Apple had reported just yesterday that it was investigating the issue, which actually comprises a pair of flaws, and has obviously moved rapidly to close the security hole.
There are two distinct vulnerabilities in the iPhone uncovered with the jailbreak software's release, principal analyst Charlie Miller of Independent Security Evaluators told CNET Tuesday. One flaw is in the way the browser parses PDF files, enabling the code to get inside a protective sandbox, and the other hole allows code to break out of the sandbox and get root, or control, privileges on the device.
While the vulnerability was exploited to offer users a simple method to jailbreak their iOS devices in this case, it could easily be used as an entry point for the execution of malicious code.
Popular Stories
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports.
When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
Apple will no longer include EarPods with every iPhone sold in France, starting on January 24, according to a notice posted by a French carrier (via iGeneration). Apple was previously required to include EarPods in the box with the iPhone due to a French law that required every smartphone sold in the country to come with a "handsfree kit," but the law has now been changed in favor of reducing the ...
Following months of bleak news about Peloton's "precarious state," including the revelation that it has halted production of its bikes and treadmills, Apple is being floated as a potential buyer of Peloton's troubled fitness business.
Yesterday, CNBC reported that Peloton will temporarily stop production of its connected fitness products due to a "significant reduction" in consumer demand, a ...
Apple has always emphasized the depth of thought that goes into the design of its products. In the foreword to Designed by Apple in California, a photo book released by the company in 2016, Jony Ive explains how Apple strives "to define objects that appear effortless" and "so simple, coherent and inevitable that there could be no rational alternative."
But every once in a while even Apple...
Earlier this week, Bloomberg's Mark Gurman tweeted that Apple "will be holding a spring event" to announce a new iPhone SE and other hardware. In a recent edition of his newsletter, Gurman said the event is likely to occur in March or April.
Gurman did not elaborate on what "other hardware" will be announced at Apple's purported spring event, but rumors suggest at least four products are...
Apple is working on a number of new products that are set to launch this fall, and Bloomberg's Mark Gurman says that it will be "the widest array" of new devices that Apple has introduced in its history.
In his latest "Power On" newsletter, Gurman explains that Apple is working on four new iPhones (5G iPhone SE, iPhone 14, iPhone 14 Pro, and iPhone 14 Pro Max), an updated low-end MacBook Pro,...
The watchOS 8.4 release candidate that was seeded to developers and beta testers this morning addresses an ongoing bug that could cause some Apple Watch chargers not to work properly with the Apple Watch.
Back in December, we reported on a growing number of charging issues that Apple Watch Series 7 owners were facing. Since watchOS 8.3, there have been a number of complaints about...
The macOS Monterey 12.2 and iOS 15.3 release candidates that came out today appear to address a Safari bug that could cause your recent browsing history and details about your identity to be leaked to malicious entities.
As shared last week by browser fingerprinting service FingerprintJS, there is an issue with the WebKit implementation of the IndexedDB JavaScript API. Any website that uses...
Earlier this week, Apple began requiring that customers taking advantage of educational discounts in the United States verify their status as a teacher, student, or school staff member through UNiDAYS.
The requirement was a major change as Apple had never asked customers to go through a verification process in the United States before, and now, just three days after verification was added,...
