Apple JailBreakMe Vulnerability
Good information from Mikko Hyppönen.
Q: What is this all about?
A: It’s about a site called jailbreakme.com that enables you to Jailbreak your iPhones and iPads just by visiting the site.
Q: So what’s the problem?
A: The problem is that the site uses a zero-day vulnerability to execute code on the device.
Q: How does the vulnerability work?
A: Actually, it’s two vulnerabilities. First one uses a corrupted font embedded in a PDF file to execute code and the second one uses a vulnerability in the kernel to escalate the code execution to unsandboxed root.
Q: How difficult was it to create this exploit?
A: Very difficult.
Q: How difficult would it be for someone else to modify the exploit now that it’s out?
A: Quite easy.
Here’s the JailBreakMe blog.
EDITED TO ADD (8/14): Apple has released a patch. It doesn’t help people with old model iPhones and iPod Touches, or work for people who’ve jailbroken their phones.
EDITED TO ADD (8/15): More info.
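One defender-side triage check that follows from the first vulnerability (a malformed font embedded in a PDF) is to enumerate the embedded font programs in a PDF and compare each stream's declared /Length with the bytes actually present, since a mismatch is a common sign of a hand-crafted rather than tool-generated file. The script below is an added example, not code from the post or from Hyppönen/F-Secure; the sample PDF fragment is constructed, and /FontFile, /FontFile2 and /FontFile3 are the standard PDF dictionary keys for embedded font programs.

```python
import re

# Indirect objects "N G obj ... endobj". Object streams and xref streams are
# not unpacked here; that is a known limitation of this simple triage check.
OBJ_RE = re.compile(rb"(\d+)\s+\d+\s+obj\s*(.*?)\s*endobj", re.DOTALL)
# References to embedded font programs inside a FontDescriptor dictionary.
FONTFILE_RE = re.compile(rb"/(FontFile[23]?)\s+(\d+)\s+\d+\s+R")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)
LENGTH_RE = re.compile(rb"/Length\s+(\d+)(?:\s+(\d+)\s+R)?")


def parse_objects(pdf: bytes) -> dict:
    """Map object number -> raw object body (bytes)."""
    return {int(num): body for num, body in OBJ_RE.findall(pdf)}


def embedded_fonts(pdf: bytes) -> list:
    """List every embedded font program and compare its declared /Length
    with the number of bytes actually found between stream and endstream."""
    objs = parse_objects(pdf)
    findings = []
    for num, body in objs.items():
        for key, ref in FONTFILE_RE.findall(body):
            target = objs.get(int(ref), b"")
            stream = STREAM_RE.search(target)
            data = stream.group(1) if stream else b""
            declared = None
            m = LENGTH_RE.search(target)
            if m:
                # /Length is either a direct integer or an indirect reference.
                if m.group(2):
                    declared = int(objs.get(int(m.group(1)), b"0").strip())
                else:
                    declared = int(m.group(1))
            findings.append({
                "descriptor_obj": num,
                "key": key.decode(),
                "stream_obj": int(ref),
                "declared_length": declared,
                "actual_length": len(data),
                "length_mismatch": declared != len(data),
            })
    return findings


# Constructed sample: one font whose FontFile3 stream declares /Length 8
# but carries 12 bytes (hypothetical content, not a real font program).
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Font /Subtype /Type1 /BaseFont /ABCDEF+Demo /FontDescriptor 2 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Type /FontDescriptor /FontName /ABCDEF+Demo /FontFile3 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /Length 8 /Subtype /Type1C >>\nstream\n"
    + b"\x01\x00\x04\x02" + b"\x00" * 8
    + b"\nendstream\nendobj\ntrailer\n<< /Root 4 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for finding in embedded_fonts(SAMPLE_PDF):
        print(finding)
```

Run against a PDF fetched from an untrusted page, a non-empty result with length_mismatch set is a reason to sandbox or discard the file before any renderer parses its fonts.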
Rich • August 10, 2010 12:40 PM
What is awesome is that most iPhone users will see this as a good thing. They will think “HEY! Now I can jailbreak my phone! And it’s ssoo easy!”. They won’t even realize what it is that can be done. And Apple won’t care. The only way people will learn is if something REALLY bad happens. And all we need for that is some nerdy hacker to have a bad day.
Just imagine: You’re a hacker, chilling out at the coffee shop, toying around with Airpwn, and you notice an iPhone user using Wifi… You know where I’m going with this.