Apple announced on 11 Aug. that it has swatted two bugs used to jailbreak the iPhone.
The update comes roughly a week after the release of JailbreakMe 2.0, which took advantage of two vulnerabilities in the iOS mobile operating system used by the iPhone, iPod Touch and iPad. According to Apple, the first was a stack buffer overflow that exists in FreeType’s handling of Compact Font Format opcodes that could be exploited to run arbitrary code via a PDF file with malicious embedded fonts.
From there, an integer overflow in the handling of IOSurface properties could be used to gain system privileges. Both bugs were fixed with improved bounds checking, Apple said in an advisory.
When reports of the vulnerabilities surfaced, security pros worried they would be used to launch malicious attacks. In the hands of attackers, the vulnerabilities could be used remotely to take over a system.
“Symantec has not seen any attacks leveraging this vulnerability yet, but I would say the appearance of attacks is not too far away since the iPhone is a popular product,” said Joshua Talbot, security intelligence manager for Symantec Security Response. “However, the fact that Apple has released a patch will go a long way in preventing users from being victimised by attackers seeking to exploit this issue.”
The updates are for “iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod Touch (second generation) and later” and iOS 3.2 and 3.2.1 for the iPad.
As Musk guts US federal agencies, SEC issues summons over Elon's failure to disclose ownership…
Moonshot project Taara spun out of Google, and uses lasers and not satellites to provide…
Pebble creator launches two new PebbleOS-based smartwatches with 30-day battery life, e-ink screens after OS…
Amazon loses appeal in Luxembourg's administrative court over 746m euro GDPR fine related to use…
Nvidia, xAI to participate in project backed by BlackRock, Microsoft to invest $100bn in AI…
Google agrees to pay $28m to settle claims it offered higher pay and more opportunities…
