Jailbreak community develops its own iPhone patch

Jailbreak grandee Jay Freeman, aka Saurik, has released his own patch for the critical Jailbreakme vulnerability, aimed at protecting the iPhone, iPod touch and iPad from crafted PDF files. Apple has also nowplugged the security hole, a potent combination of two different vulnerabilities, but in doing so has left the first generation of iPhones and iPod touches out in the cold.

Apple ignored the first generation of the two devices in its update to iOS 4.0, thereby leaving a whopping 65 security vulnerabilities unplugged. This was particularly galling for iPhone users as Apple was still selling that generation of iPhone as late as July 2008.

On more recent models, Apple’s patch also un-jailbreaks jailbroken devices. For security reasons, users who want to stay jailbroken should install Freeman’s patch. Following yesterday’spublication of the source code for the Jailbreakme exploit, it is now just a matter of time before someone uses it to develop malware.

Freeman’s PDF patch is already available from homebrew installer Cydia. Cydia is generally installed automatically after jailbreaking. In testing, JailBreakMe.com was no longer able to inject code on heise Security’s patched test iPhone.

Source.

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: