Apple develops fix for iOS PDF attack, no word on release date
from Obsessable by Stephen Schenck
Apple users will soon be able to breathe a little easier when surfing the web on their iPhone, iPod touch, and iPad devices, as the company has already cooked up a fix to the potentially-devastating PDF vulnerability we told you about earlier this week.
The bug, which is triggered by maliciously-constructed fonts embedded in a PDF file hosted on a web site, potentially gives hackers the ability to do whatever they want with an Apple device running iOS 3.1.2 or later. This is extra scary because the hacker would have the same access rights as a jailbroken system, typically giving him even more control over the system than an end-user would enjoy.
Apple said yesterday that it has a fix put together for the series of faults that give rise to this vulnerability, but it wasn't ready to say just when it would be releasing that fix to users. Considering the implications of this attack, we sure can't blame Apple for wanting to make extra-sure that its solution is solid and not going to cause any new problems once installed. Look for the fix in the next iOS revision the company releases.