Discover Yahoo! With Your Friends

Explore news, videos, and much more based on what your friends are reading and watching. Publish your own activity and retain full control.

To get started, first

YOUR FRIENDS' ACTIVITY

    Apple iOS 4.3.4 Update Fixes PDF Vulnerability

    By Chloe Albanesius - PC Magazine | PC Magazine – Fri, Jul 15, 2011

    Apple on Friday released iOS 4.3.4, which fixes an iOS vulnerability that could have let hackers remotely control iPhones, iPads, and iPod touches.

    The update "fixes [a] security vulnerability associated with viewing malicious PDF files," Apple said. It is available now for iPhone 3GS and iPhone 4s running iOS 3.0 and higher, third-generation iPods with iOS 3.1 and higher, and iPads with iOS 3.2 and higher.

    The update addresses three components of iOS: a buffer overflow in FreeType's handling of TrueType fonts; signedness issue in FreeType's handling of Type 1 fonts; and an invalid type conversion issue in the use of IOMobileFrameBuffer queueing primitives. Together, they could've allowed an attacker to take control of your device via an infected PDF.

    Earlier this week, Apple acknowledged the issue and promised a fix via an upcoming software update. "Apple takes security very seriously," a spokesperson said.

    The move came after the German Federal Office for Information Security (BSI) issued a warning about the possibility of attacks via PDF files. In a translated version of the report, the agency said clicking on an infected PDF via email or on the Web was enough to infect an iOS device with malicious software and give the attacker administrative privileges on the device.

    The warning said there have been no reported attacks, but anyone taking advantage of the vulnerability could potentially access things like passwords, online banking data, calendars, emails, text, or contact information, BSI said. There could also be access to built-in cameras, the interception of telephone conversations, and the GPS localization of the user.

    The fix comes amidst the release of JailBreakMe, software that would jailbreak an iOS device using the PDF vulnerability. The program quickly hit 1 million jailbreaks; "be sure to share a link with your friends while it's still available," Grant Paul, one of the creators, tweeted last week.

    Apple's last update, 4.3.3, was released in early May and solved a controversial "bug" with Apple's location-based services.

     

    There are no comments yet

    [ [ [['Connery is an experienced stuntman', 2]], 'http://yhoo.it/KeQd0p', '[Slideshow: See photos taken on the way down]', ' ', '630', ' ', ' ', ], [ [['Connery is an experienced stuntman', 7]], ' http://yhoo.it/KpUoHO', '[Slideshow: Death-defying daredevils]', ' ', '630', ' ', ' ', ], [ [['know that we have confidence in', 3]], 'http://yhoo.it/LqYjAX ', '[Related: The Secret Service guide to Cartagena]', ' ', '630', ' ', ' ', ], [ [['We picked up this other dog and', 5]], 'http://yhoo.it/JUSxvi', '[Related: 8 common dog fears, how to calm them]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 5]], 'http://bit.ly/JnoJYN', '[Related: Did WH share raid details with filmmakers?]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 3]], 'http://bit.ly/KoKiqJ', '[Factbox: AQAP, al-Qaeda in Yemen]', ' ', '630', ' ', ' ', ], [ [['have my contacts on or glasses', 3]], 'http://abcn.ws/KTE5AZ', '[Related: Should the murder charge be dropped?]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 5]], 'http://yhoo.it/JD7nlD', '[Related: Bristol Palin reality show debuts June 19]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 1]], 'http://bit.ly/JRPFRO', '[Related: McCain adviser who vetted Palin weighs in on VP race]', ' ', '630', ' ', ' ', ], [ [['A JetBlue flight from New York to Las Vegas', 3]], 'http://yhoo.it/GV9zpj', '[Related: View photos of the JetBlue plane in Amarillo]', ' ', '630', ' ', ' ', ], [ [['the 28-year-old neighborhood watchman who shot and killed', 15]], 'http://news.yahoo.com/photos/white-house-stays-out-of-teen-s-killing-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120411/martinzimmermen.jpg', '630', ' ', 'AP', ], [ [['Titanic', 7]], 'http://news.yahoo.com/titanic-anniversary/', ' ', 'http://l.yimg.com/a/p/us/news/editorial/b/4e/b4e5ad9f00b5dfeeec2226d53e173569.jpeg', '550', ' ', ' ', ], [ [['He was in shock and still strapped to his seat', 6]], 'http://news.yahoo.com/photos/navy-jet-crashes-in-virginia-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120406/jet_ap.jpg', '630', ' ', 'AP', ], [ [['xxxxxxxxxxxx', 11]], 'http://news.yahoo.com/photos/russian-grannies-win-bid-to-sing-at-eurovision-1331223625-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/a/p/us/news/editorial/1/56/156d92f2760dcd3e75bcd649a8b85fcf.jpeg', '500', ' ', 'AP', ] ]
    [ [ [['did not go as far his colleague', 8]], '29438204', '0' ], [ [[' the 28-year-old neighborhood watchman who shot and killed', 4]], '28924649', '0' ], [ [['because I know God protects me', 14], ['Brian Snow was at a nearby credit union', 5]], '28811216', '0' ], [ [['The state news agency RIA-Novosti quoted Rosaviatsiya', 6]], '28805461', '0' ], [ [['measure all but certain to fail in the face of bipartisan', 4]], '28771014', '0' ], [ [['matter what you do in this case', 5]], '28759848', '0' ], [ [['presume laws are constitutional', 7]], '28747556', '0' ], [ [['has destroyed 15 to 25 houses', 7]], '28744868', '0' ], [ [['short answer is yes', 7]], '28746030', '0' ], [ [['opportunity to tell the real story', 7]], '28731764', '0' ], [ [['entirely respectable way to put off the searing constitutional controversy', 7]], '28723797', '0' ], [ [['point of my campaign is that big ideas matter', 9]], '28712293', '0' ], [ [['As the standoff dragged into a second day', 7]], '28687424', '0' ], [ [['French police stepped up the search', 17]], '28667224', '0' ], [ [['Seeking to elevate his candidacy back to a general', 8]], '28660934', '0' ], [ [['The tragic story of Trayvon Martin', 4]], '28647343', '0' ], [ [['Karzai will get a chance soon to express', 8]], '28630306', '0' ], [ [['powerful storms stretching', 8]], '28493546', '0' ], [ [['basic norm that death is private', 6]], '28413590', '0' ], [ [['songwriter also saw a surge in sales for her debut album', 6]], '28413590', '1', 'Watch music videos from Whitney Houston ', 'on Yahoo! Music', 'http://music.yahoo.com' ], [ [['keyword', 99999999999999999999999]], 'videoID', '1', 'overwrite-pre-description', 'overwrite-link-string', 'overwrite-link-url' ] ]

    News For You

    Loading...