Apple announced on 11 Aug. that it has swatted two bugs used to jailbreak the iPhone.
The update comes roughly a week after the release of JailbreakMe 2.0, which took advantage of two vulnerabilities in the iOS mobile operating system used by the iPhone, iPod Touch and iPad. According to Apple, the first was a stack buffer overflow that exists in FreeType’s handling of Compact Font Format opcodes that could be exploited to run arbitrary code via a PDF file with malicious embedded fonts.
From there, an integer overflow in the handling of IOSurface properties could be used to gain system privileges. Both bugs were fixed with improved bounds checking, Apple said in an advisory.
When reports of the vulnerabilities surfaced, security pros worried they would be used to launch malicious attacks. In the hands of attackers, the vulnerabilities could be used remotely to take over a system.
“Symantec has not seen any attacks leveraging this vulnerability yet, but I would say the appearance of attacks is not too far away since the iPhone is a popular product,” said Joshua Talbot, security intelligence manager for Symantec Security Response. “However, the fact that Apple has released a patch will go a long way in preventing users from being victimised by attackers seeking to exploit this issue.”
The updates are for “iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod Touch (second generation) and later” and iOS 3.2 and 3.2.1 for the iPad.
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…