By Charlie Sorrel August 12, 2010 | 6:44 am | Categories: Hacks, Mods and DIY
A pair of software updates from Apple have patched the rather dangerous security hole that allowed any website to run arbitrary code on the iPhone and iPad. The hole was exploited by hacker Comex to allow users to jailbreak their iOS devices just by visiting a website and tapping a link.
The hack actually used two exploits. One used a corrupted font in a PDF to allow any code to be run on your device. The second leap-frogged the first and allowed that code to get super-user, or root, privileges, letting it install anything, anywhere on the system.
Comex’ hack opened up your iPhone an allowed you to install non-App Store apps on it, but the security hole could have been used to do almost anything to your phone. To Apple users, used to the almost impregnable fortress that it Mac OS X, this is terrifying.
Two fixes are available: iOS 4.0.2 for the iPhone and iPod Touch, and iOS 3.2.2 for the iPad. Users who didn’t upgrade their iPhone’s to iOS 4 can rest easy. Your device is not affected. [Update: It appears that the exploit does affect previous versions of iOS.] And what happens now when you visit JailbreakMe.com? You see the screen above, and the jailbreak will no longer work.
The update is available now via iTune