This article originally appeared in TidBITS on 2010-08-11 at 1:06 p.m.
The permanent URL for this article is: http://tidbits.com/article/11510

iOS Security Fixes Released for Serious Vulnerabilities

by Glenn Fleishman

Fixes for two serious holes in iOS are now available in the form of iOS 3.2.2 [1] for iPad and iOS 4.0.2 [2] for 2008 and later models of iPhone and iPod touch. Attach your iOS device (or devices) to the computer with which you sync using iTunes, and use iTunes to download and install the upgrade.

One flaw lies in TrueType handling within Apple's iOS PDF display software. A PDF with fonts crafted in a particular way could allow a malicious party to run any code on an iOS device simply by getting you to view the PDF file. That flaw is paired with a second in IOSurface, a framework for buffering or holding images in memory. The IOSurface flaw allows the code to be executed in a way that gives the attacker full system privileges.

At that point, an attacker could enable remote access, copy or delete all your data, or install background monitoring or call-interception software.

The flaws were revealed as part of the first successful iPhone 4 jailbreak in iOS 4, which required only that you visit a particular Web page. The escalation of privileges enabled the jailbreak software to crack Apple's protection against installing software other than that which the company allows.

Apple apparently no longer provides security upgrades for the iPhone 3.1 software branch, which is unfortunate as some iPhone 3G users were forced to revert from iOS 4 to 3.1.3 due to significant performance problems that Apple has said it is investigating.

Even with iOS 4 being a free upgrade, Apple should provide security fixes for known, significant problems in the previous widely used OS release. Further, original iPhone and iPod touch users will likely also be subject to these flaws, and cannot upgrade to iOS 4.

[1]: http://support.apple.com/kb/HT4292
[2]: http://support.apple.com/kb/HT4291