The JailbreakMe utility for the iPhone that was unveiled earlier this week has revealed a security flaw in iOS4.
While so far the exploit has just been used to create JailbreakMe, the fear is that less scrupulous hackers could take control of devices remotely by redirecting users to a particular web page.
"It's really serious," Charlie Miller, a principal analyst at Independent Security Evaluators, told CNET US. "Basically, the way the iPhone is made to be secure is through several layers of defense, so even if someone were to compromise your Web browser, it limits what they can do," Miller said.
The JailbreakMe utility takes advantage of the way Safari Mobile handles PDF files, which enables the hacker's code to get inside a protective sandbox. The real danger comes as another security hole lets the code escape from that sandbox and enables the hacker to gain root privileges. From here it’s game over, as he or she would have full remote control over the device.
David Marcus, security research and communications manager at McAfee, blogged about the issue, stating that the PDF exploit should act as a ‘wake-up’ call.
“I hope I am not the only one who is bothered by this because it begs the question ‘What else can this be used for?’ Vulnerabilities with reliable exploit code tend to get reused and repurposed for other attacks/malware/uses,” Marcus wrote.
Jailbreaking is popular as it enables users to quickly and easily remove Apple’s restrictions on what applications they can download. Those who have already jailbroken their iPhones are advised to install PDF Loading Warner, a free app that will warn users whenever a PDF is being downloaded to their phone.
Link: McAfee blog post.