Beware: Attackers Could Use New iPhone 4 Jailbreak Code to Carry Out Malicious Attacks
It seems like almost everyone I know has an iPhone, or at least wants one. Among iPhone users in the U.S.—where the phone’s operating system is locked and customers are limited to just one carrier—jailbreaking the devices is almost as popular. Jailbreaking Apple devices such as the iPhone essentially unlocks the operating system to allow root access, enabling users to make additional customizations to their phones.
Jailbreaking iPhones has its risks, because it opens the door to the devices becoming more susceptible to attack and malware infection. Another concern is that the vulnerabilities in the devices that the jailbreak code exploits could also be used to carry out malicious attacks against the users of the phones.
Just yesterday, such an exploit was published, targeting the fourth generation iPhone for the purpose of jailbreaking the device. Thankfully, the details of the exploit are not publicly documented and the authors have made some attempts to obfuscate the code; however, anyone may obtain a copy of the exploit by visiting a well-known site used for hosting jailbreaking code.
Symantec is still analyzing the exploit, but based on initial publicly available information, the exploit targets two unique vulnerabilities. The first issue is reportedly a PDF font parsing vulnerability affecting Mobile Safari. Upon successful exploitation, a second-stage local exploit is used to elevate to root privileges on the device. There has been no public confirmation as to whether or not these vulnerabilities affect desktop installations of Safari or OS X.
While this is the only currently known exploit for this issue and it is non-malicious, it is quite possible for an attacker to alter the existing payload for a malicious purpose. As such, iPhone users should be cautious when browsing unsolicited or suspicious websites, even if they haven’t jailbroken their device.