So says F-Secure’s Mikko Hypponen on Twitter.
“Apple has fixed a security hole used to get around restrictions on what applications can run on iPhones, iPads, and the iPod Touch”, says the BBC.
Comex, maker of JailbreakMe 2.0, “released code that others could put to use hijacking iPhones, iPod Touches and iPads”, says Computerworld.
The exploits he used to jailbreak the iOS “could be used for other purposes, including delivering malicious payloads to grab control of iPhones, iPads, and iPod Touches”, it says, going all that’d be necessary would be for hackers to dupe users into visiting a malicious Web site, or persuade them to click on a link in an e-mail or text message.
But “Apple did not patch 2007′s first-generation iPhone or iPod Touch yesterday, delivering the update only to the iPhone 3G or later running the iOS 2.0 or later, and to the second-generation iPod Touch or later running iOS 2.1 or later”, says the story, pointing out >>>
Lacking patches, those early models may be vulnerable to attack.
Also possibly at risk: Mac OS X. Like iOS, Apple’s desktop operating system includes the FreeType font engine, which may be vulnerable to the same or a similar exploit.
And users who have used comex’s code to jailbreak their iPhones have a decision to make. If they accept Wednesday’s update, they lose the ability to install and run software not approved by Apple. But by ignoring the update, they may be victimized by future attacks based on the public code.
Security experts “urged everyone, jailbreakers included, to apply the update”, Computerworld says.
… and identi.ca
Use free p2pnet newsfeeds for your site. It`s really easy!
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.