Apple plugs iOS security holes to thwart Jailbreakme.com exploit

Posted in iPhone News by iPhone News Updated. Published July 16th, 2011

Apple has rushed out a patch for multiple
security holes that allowed ‘drive-by download’ jailbreaking of iPhone
and iPad devices.

The flaws, exploited by the Jailbreakme.com
project, allowed remote code execution via specially rigged fonts,
plus privilege escalation to escape the iOS sandbox. The
Jailbreakme.com project used rigged PDF files to deliver
the malformed fonts.

Here’s the skinny on the three vulnerabilities patched by Apple with the iOS 4.3.4 software update:

  • CoreGraphics (CVE-2010-3855) – Viewing a
    maliciously crafted PDF file may lead to an unexpected application
    termination or arbitrary code execution. Description: A buffer overflow
    exists in FreeType’s handling of TrueType fonts.
  • CoreGraphics (CVE-2011-0226) – Viewing a
    maliciously crafted PDF file may lead to an unexpected application
    termination or arbitrary code execution. Description: A signedness issue
    exists in FreeType’s handling of Type 1 fonts.
  • IOMobileFrameBuffer (CVE-2011-0227) – Malicious
    code running as the user may gain system privileges. Description: An
    invalid type conversion issue exists in the use of IOMobileFrameBuffer
    queueing primitives, which may allow malicious code running as the user
    to gain system privileges.

The iOS 4.3.4 update is available for iOS 3.0 through 4.3.3 for
iPhone 3GS and iPhone 4 (GSM); iOS 3.1 through 4.3.3 for iPod touch (3rd
generation) and later; and iOS 3.2 through 4.3.3 for iPad.

[Thanks: http://www.zdnet.com]
