Hackers exploit Adobe bug to jailbreak iPhones

iPhone apps is a topic of interest to many as evidenced by the popularity of a recent MACHINE DESIGN article. So this news from steve@jasik.com might interest you. He says hackers recently released a way to effortlessly jailbreak a phone, which could have repercussions for PC users.

A user merely went to the Web site jailbreakme.com on their iPhone, executed a "slide to unlock" motion, and the phone was jailbroken. "No futzing around with a special program that you had to download, or press funny key combinations for precise amounts of time to put the iPhone in DFU mode," he says.

Jasik explains that the hacker, an 18-year-old male in Westchester N.Y., exploited a stack overflow bug in Adobe's PDF processor.

He says in response, Apple has released a fix for some iPhones in the form of a 4.0.2 update.

"If you have jaibroken your iPhone (any version), the Cydia store has released a "PDF Patch (CVE-2010-17)" which fixes the bug in PDF displays so it is now safe to display them. As a test, the code at jailbreakme.com no longer works. A knowledgeable friend pointed out that Adobe software (Flash and PDF processing) has had a number of major bugs, with some fixed in the last year or so. His advice is to keep your Adobe software (Reader, etc.) up-to-date because the bug exploited by hackers to jailbreak iPhone's applies also to PCs (Windows and Mac) and could be used to install malicious software (malware)."

Please or Register to post comments.

Blog Archive
Connect With Us