Apple plugs Jailbreakme security hole
By Stewart Mitchell
Posted on 12 Aug 2010 at 12:05
Apple has released an update to its iPhone OS that rectifies flaws that could have allowed hackers to take control of the device.
The update - iOS 4.0.2 - can be downloaded via iTunes and applies to second generation and later iPhones and iPod Touches.
According to Apple, the update closes two security flaws, one in which viewing a PDF document with maliciously crafted embedded fonts allowed arbitrary code execution, and another where malicious code could gain system privileges.
Not everyone with an iPhone will welcome the update, however, as it closes the door on the recently-released Jailbreakme application, which enables users to install non-approved software on their handsets.
The update isn't mandatory and users wanting to use Jailbreakme may simply avoid the update, but security experts say anyone rejecting the download would be leaving themselves open to attack.
“This does mean that users who have jailbroken their devices and prefer to keep it that way will have to face the increased likelihood of malicious attacks through this vulnerability,” said security company F-Secure on its blog.
“We recommend that all iOS users, including those who have jailbroken their devices, install the latest update now.”
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software