NEWS FROM THE LAB - Thursday, September 9, 2010

Apple's iOS 4.1 Fixes 24 Vulnerabilities
Posted by Sean @ 14:11 GMT

Apple released iOS version 4.1 yesterday and it patches 24 security vulnerabilities. 20 of the vulnerabilities are related to WebKit.

Two flaws of particular interest are image handling vulnerabilities that could allow arbitrary code execution.

iOS Security Updates 2010.09.08

Last month, JailbreakMe 2.0 was released. It used a combination of two vulnerabilities: CVE-2010-1797 and CVE-2010-2973.

JailbreakMe users can (using an unofficial fix) patch CVE-2010-1797, the vulnerability exploited by a PDF document with maliciously crafted embedded fonts. It should be interesting to see if unofficial patches for these new vulnerabilities are developed, as some of them could possibly be used with CVE-2010-2973, putting JailbreakMe users at risk of remote attack.

We've updated our spreadsheet indexing Apple's iOS Security Advisories. [XLSX]

There's an HTML version here.

Also of note: iPhone enthusiasts have discovered a bootrom exploit that will allow for jailbreaking via a vulnerability embedded at the hardware level (not remotely exploitable).

Hat tip to Chris Wysopal.

Edited: Clarified that JailbreakMe users have access to an "unofficial" patch for CVE-2010-1797.