Apple just released updates to the iPhone and iPad OS that “fixes” the PDF bug that let jailbreakme.com work.
The updates fix a security vulnerability that was associated with viewing malicious PDF files. It doesn’t appear that there are any fixes to any other issues (i.e., the proximity sensor glitch), but the fix to the PDF exploit insures that the iOS platform remains secure.
Like that wording? Jailbreaking is legal now but Apple still considers it malicious. I suppose they would since it lets you run apps on the iPhone that Steve didn’t approve.
If your iOS 4.01 iPhone or 3.2.1 iPad are jailbroken you don’t want this update just now.
Yeah, well if they’d come up with a fix for iOS 4 that turned my 3G into a pulsating ball of suck, I’d forgo the jailbreaking.
Actually in this case Apple’s terminology is completely correct.
The reason the crafted PDF files were able to jailbreak the phone is because there was a bug in the iPhone PDF reader that allowed the running of code at root level. Although this hole was useful for jailbreaking it can also, just as easily, be used by a malicious software developer to run not-so-nice code on the phone.
This hole was bad news from the word go and I’m rather shocked Apple took this long to fix it. Anybody with malicious intent could have gotten a rootkit ont an iPhone by getting the user to visit a website.
“and I’m rather shocked Apple took this long to fix it.”
Why?
Because of the severity of the flaw. You can essentially run any arbitrary code you want as the root user by getting somebody to visit a website.
This would be a great mechanism to install a root kit and use it to steal personal information (contacts, text messages, etc.), dial 1-900 numbers you profit from, abuse the owner’s data plan (just to spite them), etc. Essentially you can gain full control over their phone via this exploit.
With how critical the hole is I’m surprised Apple didn’t pump out a fix within a day or two of it being exploited.