Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals
2 comments

iOS 4.3.4 and 4.2.9 Fix PDF Vulnerability

Apple has released iOS 4.3.4 for the GSM iPhone 4 and 3GS, the iPad and iPad 2, and the 3rd and 4th generations of the iPod touch, along with iOS 4.2.9 for the CDMA iPhone 4. Both updates address a security vulnerability associated with viewing a malicious PDF file. Also fixed is a vulnerability that could enable malicious code running as the user to gain system privileges.

The PDF-based vulnerability, caused by a buffer overflow in the handling of TrueType and Type 1 fonts, was used in a recent jailbreaking effort — by definition, jailbreaking involves exploiting a security hole in iOS.

The updates are available only via iTunes, and despite the minimal changes, they’re big, so allot plenty of time to download and install.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About iOS 4.3.4 and 4.2.9 Fix PDF Vulnerability