This past Friday Apple released iOS 4.3.4 for its spectrum of current and compatible iOS devices. The update—which was also released as iOS 4.2.9 for the CDMA iPhone 4—focused entirely on a security vulnerability uncovered by users earlier in the month. The issue concerns malicious PDF files, and has appeared and subsequently been patched by Apple in the past.
Although the exploit, if left unchecked, can technically allow malicious files to infect a user’s device, its primary use has been for jailbreaking devices (such as iPad 2) that have shipped with later versions of iOS 4. The browser based exploit comes courtesy of the same team behind the original incarnation of JailbreakMe.com which was the first widely adopted jailbreak method after iOS 4 first debuted.
Clearly opposed to both security loopholes and users jailbreaking its devices, Apple’s latest release effectively patches the vulnerability, protecting users from security threats while simultaneously rendering the browser based jailbreak useless. Apple has disclosed a support document detailing the various vulnerabilities patched in the release.
iOS 4.3.4 is compatible with the following list of devices, and is available via direct download or through iTunes.
- iPhone 4 (GSM model)
- iPhone 3GS
- iPad 2
- iPad
- iPod touch (4th generation)
- iPod touch (3rd generation)
iOS 4.2.9 is compatible with the CDMA (Verizon) model of iPhone 4 and is available via direct download, or by connecting a CMDA iPhone to iTunes.