ID: IRCNE2011071176
Date: 2011-07-11
According to" scmagazineus", Apple on Thursday said it is working to fix a security flaw in its iOS mobile platform that is being used to jailbreak iPad, iPhone and iPod Touch devices and may soon be leveraged by more nefarious individuals.
The flaw, which involves the way iOS handles fonts embedded in PDF files, was revealed on Wednesday with the release of JailbreakMe 3, a web-based tool that allows users to easily jailbreak their devices, including the iPad 2.
Jailbreaking allows users to gain full or “root” access to their device and thereby install applications that are not available through Apple's official App Store.
Apple said it expects to fix the vulnerability in a forthcoming security update, but did not specify a time frame.
Germany's Federal Office for Information Security on Wednesday issued a warning that the flaw could be used by criminals to install malware on users' devices and steal confidential information.
The flaw affects iPad, iPhone and iPod Touch devices running iOS versions 4.3 through 4.3.3. Users of these devices should be cautious before opening PDF documents from unknown sources, German officials warned.
The hacker behind JailbreakMe 3, who uses the alias Comex, has released an unofficial patch for the flaw and made it available on the third-party app store Cydia. The fix, known as PDF Patch 2, can only be installed on a jailbroken device.
Link:
iPhone hacked with zero-day font vulnerability
- 2