Apple on Wednesday released a fix to a security vulnerability in its iPhone OS that allowed for viewing of malicious PDF files.
The fix, available as an update on iTunes, patches a hole in the Safari mobile browser in iOS 4.0.1 and earlier versions for the iPhone and iPod Touch, as well as iOS 3.2.1 and earlier for the iPad. The software update is for the iPhone 3G, 3GS and 4 models, and second and third generation iPod Touch.
Apple said the security flaw was caused by a stack buffer overflow in FreeType, which meant that if an iPhone user viewed a PDF document with embedded malicious fonts it could allow for arbitrary code execution. That issue, combined with an IOSurface problem that allowed malicious code to gain system privileges, could allow for remote control of an iPhone.
Apple says it fixed both problems by improving bounds checking.
The security flaw was uncovered earlier this month by developers at Jailbreakme.com, which provides iPhone customers who wish to use a wireless carrier other than AT&T with a means to switch to another provider. Before the discovery of the Safari flaw, jailbreaking an iPhone required the device to be connected to a computer. Upon finding the flaw, Jailbreakme.com was able to exploit it so that jailbreaking an iPhone could be accomplished by pointing the Safari mobile browser to a certain Web page.