Apple today patched the two vulnerabilities used to jailbreak Apple's newest iOS 4 operating system, bugs that security researchers warned could be used to hijack iPhones, iPod Touches or iPads.
The patches came just 10 days after a group published a site that automatically exploited and then jailbroke any iOS 4 device that used the mobile Safari browser to surf to jailbreakme.com.
Last week, one prominent iPhone vulnerability researcher called the exploit -- which was actually a two-stage hack -- both "sweet" and "scary."
Also last week, other researchers confirmed that the first exploit of the pair leveraged a flaw in Safari's parsing of fonts in PDF documents to compromise the browser. A second vulnerability was exploited to break out of the isolating "sandbox" and gain full, or "root," control of the device.
More: http://www.computerworld.com/s/article/9180581/
The patches came just 10 days after a group published a site that automatically exploited and then jailbroke any iOS 4 device that used the mobile Safari browser to surf to jailbreakme.com.
Last week, one prominent iPhone vulnerability researcher called the exploit -- which was actually a two-stage hack -- both "sweet" and "scary."
Also last week, other researchers confirmed that the first exploit of the pair leveraged a flaw in Safari's parsing of fonts in PDF documents to compromise the browser. A second vulnerability was exploited to break out of the isolating "sandbox" and gain full, or "root," control of the device.
More: http://www.computerworld.com/s/article/9180581/