Web Based Jail-Break for iOS Made Public
A 0day affecting iOS versions 3.1.2 to 4.0.1 is being delivered via a malicious PDF file. This includes all models of devices such as the iPhone, iPad and iPod. The PDF is delivered via an iframe, similar to other attacks that use PDF as a delivery system. The exploit is within a Type1c font; it bypasses the code signing/sandboxing feature of iOS and obtains root privileges. The file then proceeds to download the shellcode. It is very easy to alter this code for additional or specific payload deliveries.
It is important to realize that this exploit can be delivered either as a download or as a PDF file in an email. Users should only open PDF files from trusted sources until more information becomes available.
This is related to the jailbreakme_com site, which exploits iOS. It is unclear whether there is truly a version in the wild or whether it is well contained at jailbreakme_com only. Someone can easily reverse engineer and alter the PDF to conduct malicious activity, so keep it as Critical and only access PDFs from sites/users you trust.
Intego is reporting that Apple has a fix and will be releasing it with the next update.
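Until the fix ships, one way to gauge exposure is to look for devices in the affected version range that are fetching PDFs. The following is an added example, not part of the original report: it assumes a tab-separated proxy log with the fields client, URL, content type and User-Agent (a hypothetical layout), and the sample lines are constructed.

```python
import re

# Affected range as stated above: iOS 3.1.2 through 4.0.1.
AFFECTED_MIN, AFFECTED_MAX = (3, 1, 2), (4, 0, 1)

# Mobile Safari reports e.g. "(iPhone; U; CPU iPhone OS 4_0_1 like Mac OS X; en-us)"
# and, on iPad, "(iPad; U; CPU OS 3_2 like Mac OS X; en-us)".
UA_RE = re.compile(
    r"\((iPhone|iPad|iPod)[^)]*?CPU (?:iPhone )?OS (\d+(?:_\d+)*) like Mac OS X")

def ios_version(user_agent):
    """Return (device, (major, minor, patch)), or None for non-iOS agents."""
    m = UA_RE.search(user_agent)
    if not m:
        return None
    parts = [int(p) for p in m.group(2).split("_")]
    parts += [0] * (3 - len(parts))          # "3_2" is treated as 3.2.0
    return m.group(1), tuple(parts[:3])

def is_affected(version):
    return AFFECTED_MIN <= version <= AFFECTED_MAX

def pdf_fetches_by_affected_devices(log_lines):
    """Yield-style list of (client, url, device, version) for PDF responses
    served to devices inside the affected range."""
    hits = []
    for line in log_lines:
        fields = line.rstrip("\n").split("\t")
        if len(fields) != 4:                 # skip malformed lines
            continue
        client, url, ctype, ua = fields
        is_pdf = (ctype.lower().startswith("application/pdf")
                  or url.lower().split("?")[0].endswith(".pdf"))
        parsed = ios_version(ua)
        if is_pdf and parsed and is_affected(parsed[1]):
            hits.append((client, url, parsed[0], ".".join(map(str, parsed[1]))))
    return hits

# Constructed sample log lines (hypothetical hosts and clients).
UA = "Mozilla/5.0 ({}; U; CPU {} like Mac OS X; en-us) AppleWebKit/532.9"
SAMPLE_LOG = [
    "10.0.0.5\thttp://site.example/a.pdf\tapplication/pdf\t" + UA.format("iPhone", "iPhone OS 4_0_1"),
    "10.0.0.6\thttp://site.example/index.html\ttext/html\t" + UA.format("iPhone", "iPhone OS 4_0_1"),
    "10.0.0.7\thttp://site.example/doc\tapplication/pdf\t" + UA.format("iPad", "OS 3_2"),
    "10.0.0.8\thttp://site.example/b.pdf\tapplication/pdf\t" + UA.format("iPod", "iPhone OS 3_1"),
    "10.0.0.9\thttp://site.example/b.pdf\tapplication/pdf\t" + UA.format("iPhone", "iPhone OS 4_0_2"),
    "10.0.0.10\thttp://site.example/b.pdf\tapplication/pdf\tMozilla/5.0 (Windows NT 6.1)",
]

if __name__ == "__main__":
    for hit in pdf_fetches_by_affected_devices(SAMPLE_LOG):
        print(hit)
```

A hit only means an affected device received a PDF, not that the PDF was malicious; User-Agent strings can also be spoofed, so treat the output as an exposure list for follow-up.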