Apple promises update to patch PDF exploit

Dan Moren
6 August, 2010
View more articles fromthe author

Apple has already identified the iPhone security exploit used by the web-based jailbreak procedure released earlier this week and, according to a statement provided to CNet, the company has a software fix ready to go.

The hole reportedly consists of two separate exploits: one that allows a maliciously constructed PDF file to execute code and one that allows that code to burrow its way out of the sandbox that should prevent just such an exploit from having free roam of the rest of the phone’s software.

Apple said on Wednesday that it was investigating the reported security vulnerabilities, and on Thursday, the company told CNet: “We’re aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update.”

The flaws have sparked concerns from some quarters, with Germany’s Federal Office for Information Security issuing a warning about them.

However, it’s uncertain when Apple will release this software update; in the past, the company has opted to roll security fixes for the Mac OS into its usual software updates, but at the same time the company has been quick to issue security fixes for the iPhone. At last year’s Black Hat security conference, hackers demonstrated an exploit using the phone’s SMS system; Apple patched the flaw the very next day.

One Comment

One person was compelled to have their say. We encourage you to do the same..

  1. Jailbreaking your iPhone: the pros and cons - Australian Macworld says:

    [...] of Cydia. There hasn’t been a jailbreak this easy in years. (At least until Apple delivers its promised update that will patch those [...]

Leave a Comment

Please keep your comments friendly on the topic.

Contact us