Print
The newest jailbreak for Apple's iOS platform has exposed a serious exploit that could allow a remote attacker to compromise the device. The exploit is present in all iPhones, iPads, and iPod Touches running version 3.1.2 and higher. The exploit doesn't even require any particular user intervention, just opening a malicious PDF document.
The user is just required to visit a web address in mobile Safari that will load a PDF document. The PDF contains malicious code hidden in a font. The font will cause a stack overflow, allowing the code to be run on the device. A hacker could conceivably do anything at that point. Anything from deleting files, to installing spyware in the background.
This is similar to an exploit early in the iPhone's existence that used TIFF images. But this time around there are many more iPhones in the world, so we expect Apple to take this pretty seriously. Users are cautioned to avoid any PDFs for the time being.
Comments are closed on this article
Links:
[1] http://www.maximumpc.com/user/ryan_whitwam
[2] http://gizmodo.com/5603319/
[3] http://www.maximumpc.com/article/news/first_virus_hits_jailbroken_iphone
[4] http://www.maximumpc.com/article/news/apple_iphone_jailbreaking_could_break_cell_phone_towers
[5] http://www.maximumpc.com/tags/apple
[6] http://www.maximumpc.com/tags/exploit
[7] http://www.maximumpc.com/tags/hacks
[8] http://www.maximumpc.com/tags/ios
[9] http://www.maximumpc.com/tags/jailbreak
[10] http://www.maximumpc.com/tags/pdf
[11] http://www.maximumpc.com/tags/security
[12] http://www.maximumpc.com/articles/news