Apple Patches iPhone Jailbreak Security Vulnerabilities
Apple closes the door on two vulnerabilities used to jailbreak the iPhone. The bugs, which existed in Apple iOS, could have potentially been exploited by attackers to take over the iPhone, iPod Touch and iPad.Apple announced Aug. 11 that it has swatted two bugs used to jailbreak the iPhone. The update comes roughly a week after the release of JailbreakMe 2.0, which took advantage of two vulnerabilities in the iOS mobile operating system used by the iPhone, iPod Touch and iPad. According to Apple, the first was a stack buffer overflow that exists in FreeType's handling of Compact Font Format opcodes that could be exploited to run arbitrary code via a PDF file with malicious embedded fonts.
From there, an integer overflow in the handling of IOSurface properties could be used to gain system privileges. Both bugs were fixed with improved bounds checking, Apple said in an advisory.