Apple has confirmed to roll-out critical software update to patch the vulnerability being used by web based jailbreakme.com tool via mobile safari browser. The statement was issued after Germany’s Federal Office for Information Security issued a warning to consumers that the fallacy in iOS 4.3.3 could provide cyber criminals an unauthorized access, if a malicious PDF (Portable Document Format) file is opened, reports WSJ.
Once the Apple device is infected, attackers could easily gain administrative privileges and read sensitive information such as passwords, online banking credentials, emails, photos and could also intercept telephone conversations including GPS location of the user, which can then be used for nefarious purposes.
The security hole which is reported to be present across all Apple’s iOS software including the latest iOS 4.3.3 must be promptly fixed before any user become victim of unwanted hacks. Apple spokeswoman Bethan Lloyd told that the company is working on a fix and will roll-out security update as soon as they can. Apparently, she declined to comment on timeframe for the fix -
“Apple takes security very seriously. We’re aware of this reported issue and are developing a fix that will be available to customers in an upcoming software update,”
This should serve as a wake-up call for anyone having Apple device. Till the time the brains at Cupertino releases a fix, users must refrain themselves from clicking any PDF file originating from unknown sources. All those who do not believe in jailbreaking and voiding warranty, must wait for iOS 4.3.4 to arrive.
Interestingly, only Jailbroken devices are safe from iOS 4.3.3 flaw. If you have successfully pwned your device, head over immediately to install Cydia app ‘PDF Patcher 2′ that promises to close the loophole quickly and guards your iPhone, iPad against the flaw. Via [WSJ]