PDF Exploit Patched in iOS 4.0.2

ByMike Moffit

This time last week, Apple released the second revision to its iOS4 mobile operating system. This incremental update is focused entirely on patching a security vulnerability associated with Safari’s handling of PDF files. Under the previous iterations of the OS, a malicious PDF file could break through security by exploiting and subsequently crashing the Compact Font Format Handler in Safari. Introduced alongside comex’s fairly innocuous web based “JailbreakMe” exploit, this vulnerability has raised several security concerns. Though the jailbreak is legitimate, the same PDF exploit easily opens the gateway to malicious attacks which could put a user’s data and hardware at risk. Though no such attacks have been reported, a user would merely have to open a PDF to put themselves at risk.

Sensing the potential danger, and attempting to maintain their grasp over unlocked phones, Apple was quick to roll out an update. Though this update fixes the Safari security vulnerability, it also disables any “extra” features users may have enabled on their devices. While the update weighs in at a sizable 500MB, it addresses no other issues besides the Safari exploit. Users experiencing other issues under iOS4 will unfortunately have to wait until iOS 4.1 before their problems are further addressed.

Releasing a fix for iPad users as well, Apple has updated the iPad’s OS to version 3.2.2. Both updates can be easily downloaded through iTunes. Upon syncing your device, you should be automatically prompted with a message alerting you to the update. As always, we recommend backing up your device before performing a software update.

Similar Posts

  • iOS 5 Available October 12 (that's next week!!)

    On Tuesday Apple announced the October 12 launch of iOS 5—a free upgrade for iPhone 3GS, iPhone 4, iPod touch 2nd and 3rd generation, iPad and iPad 2 and a standard feature on iPhone 4S. iOS 5 will include over 200 new features, and Scott Forstall—senior vice president of iOS software—gave an overview of the top ten new and enhanced iOS 5 apps:

    Notifications
    All of your notifications—from email and text messages to social media updates—will be housed in one location that you can access by swiping down from the top of the screen in any app or on the home screen. New notifications will be briefly displayed at the top of the screen in apps so as not to interrupt whatever you’re doing when they arrive. You’ll also be able to swipe to notifications from the Lock Screen.

    iMessage
    Send unlimited text messages to other iOS 5 users from your device via Wi-Fi or 3G. iMessage will support photo, video, location and contacts as well. Messages will be synced to all your devices so you can seamlessly switch from one device to another during a conversation.

    Reminders
    This brand-new app will help you organize your life with to-do lists that integrate with iCal, Outlook and iCloud. Location-based reminders will alert you to to-do items when you when you’ve reached the point where you want to be reminded. iPhone 4S users will be able to use Siri’s voice recognition capability to set reminders.

    Twitter integration
    Now you’ll only have to sign into Twitter once—in Settings—and you’ll be able to Tweet from multiple apps, including Camera, Safari and Maps.

    Newsstand
    Organize your newspaper and magazine subscriptions so you can access them from one location. Subscribe to a publication on the App Store and it will automatically be directed to Newsstand and updated when a new issue drops.

    Camera
    Accessing Camera will be easier than ever in iOS 5 because you can open the app right from the Lock screen. The volume-up button will function as a shutter button for added usability.

    Game Center
    A number of new features will be available in Game Center, including friend recommendations, new game notifications and enhanced opponent score information.

    Safari
    Enhancements to the built-in browser will include Reader, which allows for easier reading of articles, and Reading List, where you can save articles to read later (saved articles will be synced across your devices via iCloud). Tabbed browsing in Safari will be available on iPad.

    Mail
    Text formatting, flagging, mailbox creation deletion, search features and more will be available in Mail. Plus, you’ll be able to create a free email account that iCloud syncs across your devices.

    PC Free
    Device activation, software updates, back ups and more will no longer require syncing your device to your computer. (This is huge!)

    According to Forstall, Apple has seeded iOS 5 to 100,000+ developers who “love it,” and we’re sure we will too! Visit apple.com/ios for more details.

  • iOS 4.3 Released Today

    Apple released the latest version of their mobile operating system iOS 4.3 today.  This is a free download and contains some exciting new…

  • Happy Birthday Apple

    Apple Inc. today celebrates its 35th birthday. The company—which was established April 1st 1976 by Steve Jobs, Steve Wozniak and Ronald Wayne—had humble…

  • iTunes 7.2: A Downgrade? – Part Two

    Last week it was discovered (and actively blogged about) that user account information is embedded in the AAC music files purchased from the…

  • iOS 7's Education Advantage

    iOS 7 embraces the environment of education with many new features to help deploy devices in schools. In the past, iOS has done…