Aweb-based iOS 4 jailbreaking app properly called “JailbreakMe” was released. The tool quickly became popular and was praised for its innovation and simplicity. However, JailbreakMe is making headlines once again for a totally different reason. Turns out that the JailbreakMe utilizes a security vulnerability in iOS to be able to do its duty.
However, concerns have been raised that malicious individuals could exploit the same security vulnerability to deliver malware attacks on any of the iOS-based devices such as iPhones, iPod Touches, and iPads.
The security hole is found on the iOS PDF viewer. Specially-crafted fonts are embedded into a PDF document. Processing the embedded font causes a stack overflow, which will allow the program to easily bypass the iOS security. Thereby allowing hackers to take full control of the device. The rest, as they say, is history.
JailbreakMe itself is currently a benign tool. However, we can’t say the same about the many hackers lurking through the dark alleys of the Internet searching for unsuspecting victims. The JailbreakMe tool could potentially be reverse-engineered to pull off their malevolent plans.