Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Apple is working to fix a security flaw in its iOS mobile platform that is being used to jailbreak iPad, iPhone and iPod Touch devices because it may soon be leveraged by malicious exploits.
The flaw involves the way iOS handles fonts embedded in PDF files and was revealed on Wednesday with the release of JailbreakMe 3, a web-based tool that allows users to easily jailbreak their devices, including the iPad 2.
Jailbreaking allows users to gain full or “root” access to their device and thereby install applications that are not available through Apple's official App Store.
Apple said it expects to fix the vulnerability in a forthcoming security update, but did not specify a time frame.
Germany's Federal Office for Information Security on Wednesday issued a warning that the flaw could be used by criminals to install malware on users' devices and steal confidential information.
Attackers could also exploit the weakness to access built-in cameras, or intercept phone conversations and GPS locations.
Attackers likely soon will begin exploiting the flaw, since public exploit code is already available, German officials said. No attacks have been identified yet, however.
The flaw affects iPad, iPhone and iPod Touch devices running iOS versions 4.3 through 4.3.3. Users of these devices should be cautious before opening PDF documents from unknown sources, German officials warned.
The hacker behind JailbreakMe 3, who uses the alias Comex, has released an unofficial patch for the flaw and made it available on the third-party app store Cydia. The fix, known as PDF Patch 2, can only be installed on a jailbroken device, however.
Researchers at Mac security firm Intego have warned users against jailbreaking their iOS devices, as doing so opens them up to increased security risks.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.