Apple iOS 4.3.4 Update Fixes PDF Vulnerability

Chloe Albanesius - PC Magazine

July 15, 2011 at 11:45 AM

Apple on Friday released iOS 4.3.4, which fixes an iOS vulnerability that could have let hackers remotely control iPhones, iPads, and iPod touches.

The update "fixes [a] security vulnerability associated with viewing malicious PDF files," Apple said. It is available now for iPhone 3GS and iPhone 4s running iOS 3.0 and higher, third-generation iPods with iOS 3.1 and higher, and iPads with iOS 3.2 and higher.

The update addresses three components of iOS: a buffer overflow in FreeType's handling of TrueType fonts; signedness issue in FreeType's handling of Type 1 fonts; and an invalid type conversion issue in the use of IOMobileFrameBuffer queueing primitives. Together, they could've allowed an attacker to take control of your device via an infected PDF.

Earlier this week, Apple acknowledged the issue and promised a fix via an upcoming software update. "Apple takes security very seriously," a spokesperson said.

The move came after the German Federal Office for Information Security (BSI) issued a warning about the possibility of attacks via PDF files. In a translated version of the report, the agency said clicking on an infected PDF via email or on the Web was enough to infect an iOS device with malicious software and give the attacker administrative privileges on the device.

The warning said there have been no reported attacks, but anyone taking advantage of the vulnerability could potentially access things like passwords, online banking data, calendars, emails, text, or contact information, BSI said. There could also be access to built-in cameras, the interception of telephone conversations, and the GPS localization of the user.

The fix comes amidst the release of JailBreakMe, software that would jailbreak an iOS device using the PDF vulnerability. The program quickly hit 1 million jailbreaks; "be sure to share a link with your friends while it's still available," Grant Paul, one of the creators, tweeted last week.

Apple's last update, 4.3.3, was released in early May and solved a controversial "bug" with Apple's location-based services.

Yahoo Sports
WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not
Here are five franchises who stood out, for better or for worse.
2d ago
Yahoo Sports
Indianapolis Star columnist Gregg Doyel apologizes after awkward, uncomfortable interaction with Caitlin Clark
Gregg Doyel flashed a heart sign at Caitlin Clark at her introductory press conference on Wednesday afternoon to kick off an incredibly strange back-and-forth.
7h ago
Yahoo Sports
Nike responds to backlash over Team USA track kits, notes athletes can wear shorts
The new female track uniform looked noticeably skimpy at the bottom in one picture, which social media seized upon.
4d ago
Yahoo Sports
Boban Marjanović hilariously misses free throws on purpose to give Clippers fans free chicken
Boban Marjanović is a man of the people.
3d ago
Yahoo Sports
2024 Masters payouts: How much did Scottie Scheffler earn for his win at Augusta National?
The Masters has a record $20 million purse this year.
3d ago
Yahoo Sports
UFC 300: 'We're probably gonna get sued' after Arman Tsarukyan appeared to punch fan during walkout
'We'll deal with that Monday,' Dana White said about Arman Tsarukyan appearing to punch a fan during his UFC 300 walkout.
4d ago
Yahoo Sports
Rob Gronkowski's first pitch before the Red Sox's Patriots' Day game was typical Gronk
Never change, Gronk.
3d ago
Yahoo Sports
76ers' statue for Allen Iverson draws jokes, outrage due to misunderstanding: 'That was disrespectful'
Iverson didn't get a life-size statue. Charles Barkley and Wilt Chamberlain didn't either.
5d ago
Yahoo Movies
'Sasquatch Sunset' is so relentlessly gross that people are walking out of screenings. Star Jesse Eisenberg says the film was a ‘labor of love.’
“There are so many movies made for people who like typical things. This is not that," the film's star told Yahoo Entertainment.
6d ago
Yahoo Sports
MLB Power Rankings: Braves, Yankees surge to the top, followed by Dodgers, Orioles, Brewers
Let's identify one player exceeding expectations for each team through the first few weeks of 2024.
1d ago
Yahoo Sports
Mock Draft Monday with Daniel Jeremiah: Bears snag Odunze, Raiders grab a QB
It's another edition of 'Mock Draft Monday' on the pod and who better to have on then the face of NFL Network's draft coverage and a giant in the industry. Daniel Jeremiah joins Matt Harmon to discuss his mock draft methodology, what he's hearing about this year's draft class and shares his favorite five picks in his latest mock draft.
3d ago
TechCrunch
Tesla layoffs hit high performers, some departments slashed, sources say
Tesla management told employees Monday that the recent layoffs -- which gutted some departments by 20% and even hit high performers -- were largely due to poor financial performance, a source familiar with the matter told TechCrunch. The layoffs were announced to staff just a week before Tesla is scheduled to report its first-quarter earnings. The move comes as Tesla has seen its profit margin narrow over the past several quarters, the result of an EV price war that has persisted for at least a year.
2d ago
Yahoo Sports
The Scorecard: 10 fantasy baseball hot takes to know through two weeks
Fantasy baseball analyst Dalton Del Don debuts The Scorecard, a weekly series featuring his takes on key MLB player notes.
2d ago
Yahoo Sports
How Victor Wembanyama's rookie season ranks in NBA history
Victor Wembanyama's rookie NBA season is finished. The San Antonio Spurs will sit him in Sunday's regular-season finale. Where does his first season rank among the league's greats?
4d ago
Yahoo Sports
Longtime voice of Yankees John Sterling is retiring, effective immediately
Sterling has called Yankees games since 1989, a span including the Derek Jeter era that saw the franchise win five World Series championships.
2d ago
Yahoo Sports
Former Colts QB Andrew Luck never considered returning to the NFL
Andrew Luck returned to Indianapolis for a charity event, six years after he retired as the Colts quarterback. He says he's never considered making a comeback to pro football.
5d ago
Autoblog
2024 Toyota Land Cruiser First Drive Review: Brief taste shows promise, but 1958 questionable
Our mostly off-road first drive reveals a well-executed off-roader with cool style and a high-quality interior. Well, not so much the interior in the 1958.
2d ago
Yahoo Sports
Fan apologizes for provoking Arman Tsarukyan at UFC 300, won’t file lawsuit after punch
Arman Tsarukyan appeared to punch a fan twice on his way into the Octagon during UFC 300 on Saturday night.
2d ago
Autoblog
GM is moving out of its Detroit headquarters towers
Something's happening with General Motors' headquarters buildings, and it may mean they'll no longer be GM's headquarters buildings.
2d ago
Yahoo Life Shopping
Jennifer Garner wore this sweatshirt to bake morning muffins, and it's so comfy you'll want to wear it everywhere
Equal parts cozy and stylish, the star's Favorite Daughter sweatshirt is a wardrobe essential.
1d ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

Apple iOS 4.3.4 Update Fixes PDF Vulnerability

Recommended Stories

WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not

Indianapolis Star columnist Gregg Doyel apologizes after awkward, uncomfortable interaction with Caitlin Clark

Nike responds to backlash over Team USA track kits, notes athletes can wear shorts

Boban Marjanović hilariously misses free throws on purpose to give Clippers fans free chicken

2024 Masters payouts: How much did Scottie Scheffler earn for his win at Augusta National?

UFC 300: 'We're probably gonna get sued' after Arman Tsarukyan appeared to punch fan during walkout

Rob Gronkowski's first pitch before the Red Sox's Patriots' Day game was typical Gronk

76ers' statue for Allen Iverson draws jokes, outrage due to misunderstanding: 'That was disrespectful'

'Sasquatch Sunset' is so relentlessly gross that people are walking out of screenings. Star Jesse Eisenberg says the film was a ‘labor of love.’

MLB Power Rankings: Braves, Yankees surge to the top, followed by Dodgers, Orioles, Brewers

Mock Draft Monday with Daniel Jeremiah: Bears snag Odunze, Raiders grab a QB

Tesla layoffs hit high performers, some departments slashed, sources say

The Scorecard: 10 fantasy baseball hot takes to know through two weeks

How Victor Wembanyama's rookie season ranks in NBA history

Longtime voice of Yankees John Sterling is retiring, effective immediately

Former Colts QB Andrew Luck never considered returning to the NFL

2024 Toyota Land Cruiser First Drive Review: Brief taste shows promise, but 1958 questionable

Fan apologizes for provoking Arman Tsarukyan at UFC 300, won’t file lawsuit after punch

GM is moving out of its Detroit headquarters towers

Jennifer Garner wore this sweatshirt to bake morning muffins, and it's so comfy you'll want to wear it everywhere