The JailBreaking race

Two weeks ago, two vulnerabilities were disclosed on iPad, iTouch, and iPhones. In a nutshell:

  • A buffer overflow in FreeType allowed arbitrary code execution from specially crafted pdf files
  • An integer overflow in IOsource allows gaining system privilege

Combining both exploits, it is possible to take control of the devices. A site used it to easily jailbreak iPhones and iPads. Jailbreaking allows to use a different network operator than the one locked by the manufacturer, in the case of Apple ATT Interestingly, since end of July, jailbreaking is legal in the US.

Apple has just issued new versions that correct these flaws: iOS 3.2.2 for iPads and iOS 4.0.2 for iPhones. It is a good thing because these vulnerabilities could be used for more than jailbreaking (although Apple may not have the same appreciation on jailbreaking)

One thought on “The JailBreaking race

  1. Pingback: Apple, Jailbreaking and Patents » The blog of content protection

Leave a Reply

Your email address will not be published. Required fields are marked *