Apple Fixes iOS PDF Security Hole With iOS 4.0.2 and 3.2.2

[MacRumors]

Apple today released updated versions of its iOS operating system, addressing a significant security vulnerability in the way Safari handles PDF files on Apple's mobile devices. The new versions, which arrive as iOS 4.0.2 for the iPhone and iPod touch and iOS 3.2.2 for the iPad, should also disable the Web-based JailbreakMe service that first exploited the vulnerability.

Apple noted one week ago that it had developed a fix for the security hole, but did not offer a timeline for its release.

Article Link: Apple Fixes iOS PDF Security Hole With iOS 4.0.2 and 3.2.2

 

[iphoneblack]

lol how long it took...

 

[goinskiing]

It was coming sooner or later. Don't update if you plan on using jailbreakme.com.

 

[DTphonehome]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A306 Safari/6531.22.7)

Oh goody, can't wait to upgrade and not be able to jailbreak!

 

[Intell]

Dear (entity of your choice) no, I don't want to look at all of the "n00b updated to 4.0.2 need jailbreak plz" threads.

 

[dwman]

It was coming sooner or later. Don't update if you plan on using jailbreakme.com.

Yup, still thinking of JB my phone. I'm going to hold off on this for now.

 

[xraydoc]

Any other changes/bug fixes?

 

[brayhite]

Is the security fix the only update?

 

[rgarjr]

Took forever to get this out..

 

[tigres]

An update worth skipping

 

[ltldrummerboy]

Back up your SHSHs while you still can.

http://thefirmwareumbrella.blogspot.com/

 

[Pecker]

Looking to see if this will fix the proximity sensor bug as well...

 

[heehee]

It says I have the latest update.

 

[TorontoLRT]

I'm probably not going to JB, but in case I do, I'm not upgrading!

 

[b-rad g]

Looking to see if this will fix the proximity sensor bug as well...

Nope!

 

[err404]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A306 Safari/6531.22.7)

Oh goody, can't wait to upgrade and not be able to jailbreak!

I think the important part is that it plugs a very serious remote code execution vulnerability. That said, I'm not upgrading

 

[dukebound85]

so my first gen ipod touch is out of luck? stuck with this vulnerability forever?

 

[Mystikal]

Brace for n00b impact...

 

[bornblind]

No thanks Apple

 

[mpd659]

I don't see why they can't fix the proximity sensor bug??

 

[ouimetnick]

Good thing my brother jailbroke his iPhone 3G when iOS 4.0.1 was out. He's unlocked too

 

[Intell]

It says I have the latest update.

It usually takes a little while for it to trickle down to everyone.

so my first gen ipod touch is out of luck? stuck with this vulnerability forever?

Yep.

 

[definitive]

anyone know if they updated the baseband too?

 

[jamesryanbell]

Does it fix the proximity sensor bug?? I don't understand why it has taking them this long to fix it.

+1.

It's ridiculous they haven't offered a fix for this yet.

 

[ltldrummerboy]

so my first gen ipod touch is out of luck? stuck with this vulnerability forever?

And stuck with the best jailbreak of all time forever.

It is disappointing that Apple probably won't fix this exploit on older devices, but you can always install PDF Loading Warner in Cydia.