Ever since Dev Team member Comex unleashed his latest jailbreak on iOS 4 users through the website JailbreakMe, an extremely dangerous exploit in the way Mobile Safari opens PDF files has effectively been in the wild.
Surprisingly, once the exploit used to effect the jailbreak was known, jailbroken iPhones were counter-intuitively more secure than their locked-down cousins, thanks to a Cydia-only software hack that plugs up the PDF vulnerability.
Needless to say, Apple wasn’t about to let that stand, and after marking the bug as “critical,” Cupertino has now released a statement on the matter.
“We’re aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update,” Apple has said.
This is a huge vulnerability, and to me, that sounds like Apple intends to have the hole plugged within the week. If you plan on jailbreaking, better do it now… just remember that if you decide to stick with iOS 4.0.1, you’re going to need to watch out for malicious PDF files.
