New browser-based iOS jailbreak uses PDF exploit

Posted by Trent Nouveau

The JailBreakMe team has released a new utility to crack open iOS devices via a PDF exploit in Apple's mobile Safari web browser.


The patch (JailBreakMe 3.0) was coded by a number of prominent scene members, including comex, Grant Paul (chpwn), Jay Freeman (Saurik) and MuscleNerd.

The hack is compatible with all of Apple's current iOS mobile devices, including the iPad 2 and iPhone 4.



Specifically, the latest jailbreak works with iOS 4.3-4.3.3 on all iPads, the iPhone 3GS, GSM iPhone 4, third- and fourth-generation iPod touches, and iOS 4.2.6-4.2.8 for the CDMA iPhone 4.



As AppleInsider's Katie Marsal notes, the above-mentioned jailbreak marks the second time modders/hackers have exploited a PDF-related security hole in Apple's mobile Safari browser.

A previous hack - which made it into the wild last August - relied on a corrupt font to crash the browser's Compact Font Format handler.

"Ironically, hackers who exploited the PDF security hole in iOS last year also delivered their own security fix to address the very same issue on jailbroken devices," wrote Marsal.

"The patch aimed to ensure that dishonest hackers would not be able to utilize the exploit for malicious purposes."