Apple to release patch to beat jailbreak threat

6 Aug 2010

Apple is understood to be preparing to release a “magical” patch that will fix a flaw that could leave iPad, iPhone and iPod devices vulnerable to hackers.

A flaw in the devices’ security was uncovered after a software program emerged on a jailbreak website. Jailbreaking allows people to run apps not approved by Apple.

The flaw was revealed after it was discovered hackers could gain access to data stored on iPads, iPhones and iPods if users visited a website and opened a PDF document containing hidden code.

It is not yet clear if hackers have used the exploit to access the devices.

Security vendor Websense warned that all it takes to jailbreak the device is to visit a specific website using the built-in web browser. Previously, users had to connect the device to a computer and use software for Windows or Mac to complete the process.

At, all it takes to complete the jailbreak is to slide the arrow to the right and wait for the process to complete. To perform the jailbreak, the process takes advantage of two vulnerabilities; one in how Safari parses PDF files, and one in the kernel of iOS/iPhoneOS.

Apple is reportedly looking into the vulnerability issues, but until they have issued a patch, Websense says all users of iPhones, iPads, or iPods are at risk, because there is nothing that prevents a malicious attacker from using these vulnerabilities to automatically install malware onto the device.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years