Turn off the Ad Banner  

To print: Select File and then Print from your browser's menu.

    -----------------------------------------------
This story was printed from CdrInfo.com,
located at http://www.cdrinfo.com.
-----------------------------------------------

Appeared on: Saturday, July 16, 2011
Apple Fixes iOS Security Flaw

Apple has released a new version of iOS, 4.3.4 (4.2.9 for the Verizon iPhone) in an effort to fixed a PDF exploit that could allow hackers to take remote control of Apple's devices.

Website www.jailbreakme.com had released code that Apple customers could use to modify the iOS operating system that runs those devices through a process known as "jail breaking." The jailbreaking code exploited a vulnerability in iOS that had not previously been disclosed. Hackers could take advantage of the security hole to build malicious software that would exploit the vulnerability.

Here is how Apple described the issues that have been resolved with the release of the latest iOS update:

- A buffer overflow exists in FreeType's handling of TrueType font files. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution."
- A signedness issue exists in FreeType's handling of Type 1 fonts. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution."
- An invalid type conversion issue exists in the use of IOMobileFrameBuffer queueing primitives, which may allow malicious code running as the user to gain system privileges.

More information on the latest updates is available here (iOS 4.3.4) and here (iOS 4.2.9 for Verizon CDMA phones)


Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .