iPhone Exploit Code Posted Online

The developer of a jailbreak for iPhones has posted source code attackers could use to compromise devices.

The developer, who goes by the name “Comex,” posted code for JailbreakMe 2.0 on the web on 11 August, after Apple released a pair of fixes for the iOS bugs the jailbreak leverages. The patches also address the problems on the iPad and iPod touch.


“The first issue exploited is a FreeType CFF (Compact Font Format) handling issue, exploitable via Mobile Safari to gain access to affected devices,” explained Michael Price, senior operations manager for McAfee Labs for Latin America. “The second issue exploited is an IOSurface framework issue that allows for administrative privileges to be obtained… This update should prevent both malicious attackers from exploiting these issues, as well as prevent the jailbreak technique from continuing to work – for updated devices.”

If the bugs are exploited successfully, they could allow an attacker to remotely compromise a device and take full control.

Jailbroken phones vulnerable

On 11 August, security researchers said they had not observed any attacks leveraging the bugs, but that could change now that the source code has been posted. Users who have already jailbroken their devices will have to choose between installing the update and maintaining the freedom to install applications not approved by Apple, noted Mikko Hypponen, chief research officer at F-Secure.

“This does mean that users who have jailbroken their devices and prefer to keep it that way will have to face the increased likelihood of malicious attacks through this vulnerability,” he blogged.

According to an advisory from Apple, the patches, which came roughly a week after JailbreakMe 2.0 hit the street, are available for: iOS 2.0 through 4.0.1 on iPhone 3G and later, iOS 2.1 through 4.0 on the iPod touch (second generation) and later, and iOS 3.2 and 3.2.1 for the iPad.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved
