tattoo empek empek

The iOS 4.3.4 software update addresses a vulnerability in the way the iOS handles PDF files, which potentially allowed hackers to plant malware onto Apple devices.

"Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution," Apple said in its update.

It added another vulnerability in its IOMobileFrameBuffer may also allow "malicious code running as the user (to) gain system privileges."

Covered by the update are iPad, iPod touch (3rd generation), iPhone 4, iPod touch (4th generation), and iPhone 3GS.

The update came a week after concerns were raised that cybercriminals may exploit a PDF vulnerability allowing the jailbreaking of Apple mobile devices.

Earlier, Macworld reported a new version of JailbreakMe, 3.0, may be used to jailbreak iOS devices running iOS 4.3.3, including the iPad 2 tablet.

Jailbreaking is a process where devices running Apples iOS are modified to allow them to run apps not authorized by Apple.

Macworld said JailbreakMe 3.0 is the first tool to enable an untethered jailbreak of the iPad 2. It exploits a vulnerability in the PDF rendering system of Apples Safari browser.

Users of JailbreakMe can simply point their iOS device mobile-Safari browser to jailbreakme.com and the hack is performed remotely, unlike most other tools that require a software download on your computer, such as PwnageTool and redsn0w," Macworld noted.

Last week, computer security firm Sophos urged Apple Inc. to patch the PDF vulnerability soonest.

Sophos senior technology consultant Graham Cluley said cybercriminals may set up sites claiming to jailbreak the Apple mobile devices, but actually plant malware.

I dont want to be a party pooper for those who wish to jailbreak their Apple devices, but its essential that Apple closes this vulnerability as quickly as possible... before it is abused with malicious intent," Cluley said in a blog post.

All eyes now turn to Apple to see how quickly it can secure its users from what could be a vector for iPhone/iPad malware infection. Leaving a security hole like this open is simply inviting malicious hackers to exploit it," he added.

Cluley noted that Comex," the creator of the JailBreakMe website, may have recognized that hackers might copy the exploit to use in the form of an iPad or iPhone virus.

He cited a note in Comexs site claiming he or she merely discovered the vulnerabilities.

I did not create the vulnerabilities, only discover them. Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable. Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run," Comex explained. TJD, GMA News