Apple to Patch Latest Jailbreak Hole in Upcoming Software Update
Earlier this week, the browser-based JailbreakMe.com solution went live once again, bringing a simple new method to jailbreak a number of iOS devices including the iPad 2. The tool has proven popular, with over one million users already having taken advantage of it.
Similar to earlier browser-based jailbreak mechanisms, the latest version takes advantage of a flaw in the way Safari handles PDF files, a vulnerability that could also be exploited by malicious parties. Consequently, it had been expected that Apple would move relatively quickly to patch the hole once it was revealed by the jailbreak procedure.
According to the Associated Press, Apple has indeed confirmed that it will be patching the hole in a future software update, but declined to provide a timeframe for the release of the update.
Apple Inc. spokeswoman Bethan Lloyd said Thursday the company is "aware of this reported issue and developing a fix that will be available to customers in an upcoming software update."
She declined to specify when the update would be available.
Apple's statement comes after Germany's information technology security agency issued an explicit warning about the "critical weaknesses" in iOS that could result in malware being deployed through infected PDF files.
Fully aware of the potential implications of malware authors exploiting the hole, the jailbreak community has already developed a fix for the issue, which was released into the Cydia Store for jailbroken devices alongside the new technique. Users who have jailbroken their devices, even through the new JailbreakMe.com technique, can thus patch the vulnerability, while non-jailbroken devices will have to wait for Apple's solution to be released.