Just a day after the much-anticipated JailbreakMe 3.0 website went live and over 1,000,000 iOS devices took advantage of the web-based hack, Apple has confirmed it will kill the exploit in an upcoming software update.
The JailbreakMe PDF exploit takes advantage of a vulnerability in Apple’s mobile Safari browser that allows you to perform a jailbreak by simply visiting a website. However, malicious PDF files can be loaded onto your device in the same way, gaining access to root privileges without your consent and wreaking havoc with your system.
Germany’s Federal Office for Information Security has warned that opening “infected” PDF files unknowingly while browsing the web “is sufficient to infect the mobile device with malware without the user’s knowledge.”
It’s no surprise, then, that Apple is keen to patch this vulnerability before any of its iOS users become victims of unwanted hacks.
Apple spokeswoman Bethan Lloyd has confirmed that the company is “aware of this reported issue and developing a fix that will be available to customers in an upcoming software update.” Although Lloyd gave no indication of when the update might be available, users with no interest in jailbreaking their devices should look out for iOS 4.3.4 imminently.
For those of you who want to maintain your ability to jailbreak using JailbreakMe 3.0, the iPhone Dev-Team has advised that once you have performed the jailbreak process on your device, you should install “PDF Patcher 2’ from within Cydia which will fix the vulnerability.
[via The Next Web]