After last week’s report from the German government regarding PDF-related security vulnerabilities in MobileSafari, Apple has stepped up: The company on Friday released updates for all iOS devices that fix the problem. The updates are recommended for all users of Apple’s mobile devices.<\/p>\n
The patch comes in two versions, thanks to the different flavors of the iPhone 4. iOS 4.3.4 applies to the iPad and iPad 2, the third- and fourth-generation iPod Touch, the iPhone 3GS, and the iPhone 4 (GSM model); users of the CDMA model of the iPhone 4 instead get iOS 4.2.9.<\/p>\n
The issues addressed in the updates include the aforementioned PDF problem within Apple’s CoreGraphics framework, which exploits FreeType’s TrueType and Type 1 fonts to execute malicious code, and a conversion problem within the IOMobileFrameBuffer framework, which could allow code to inadvertently gain system privileges by posing as the user. The PDF-related exploits were also being used in the latest jailbreak method for iOS devices, a process that could be accomplished via the jailbreakme.com website; Apple’s patch reportedly now disables that method.<\/p>\n
You can download these updates by plugging in your respective iOS device and checking for updates in iTunes.<\/p>\n