malicious PDF bug fix is out

Discussion in 'iPhone' started by Michelle Steiner, Aug 11, 2010.

  1. iOS 3.2.2 for the iPad and iOS 4.0.2 for the iPhone and iPod Touch is not
    available through iTunes.

    This security fix has the side effect of defeating the recent web-based
    jailbreak.

    -- Michelle

    E-SA-2010-08-11-1 iOS 4.0.2 Update for iPhone and iPod touch

    iOS 4.0.2 Update for iPhone and iPod touch is now available and
    addresses the following:

    FreeType
    CVE-ID:  CVE-2010-1797
    Available for:  iOS 2.0 through 4.0.1 for iPhone 3G and later,
    iOS 2.1 through 4.0 for iPod touch (2nd generation) and later
    Impact:  Viewing a PDF document with maliciously crafted embedded
    fonts may allow arbitrary code execution
    Description:  A stack buffer overflow exists in FreeType's handling
    of CFF opcodes. Viewing a PDF document with maliciously crafted
    embedded fonts may allow arbitrary code execution. This issue is
    addressed through improved bounds checking.

    IOSurface
    CVE-ID:  CVE-2010-2973
    Available for:  iOS 2.0 through 4.0.1 for iPhone 3G and later,
    iOS 2.1 through 4.0 for iPod touch (2nd generation) and later
    Impact:  Malicious code running as the user may gain system
    privileges
    Description:  An integer overflow exists in the handling of IOSurface
    properties, which may allow malicious code running as the user to
    gain system privileges. This issue is addressed through improved
    bounds checking.


    Installation note:

    These updates are only available through iTunes, and will not appear
    in your computer's Software Update application, or in the Apple
    Downloads site. Make sure you have an Internet connection and have
    installed the latest version of iTunes from www.apple.com/itunes/

    iTunes will automatically check Apple's update server on its weekly
    schedule. When an update is detected, it will download it. When
    the iPhone or iPod touch is docked, iTunes will present the user with
    the option to install the update. We recommend applying the update
    immediately if possible. Selecting Don't Install will present the
    option the next time you connect your iPhone or iPod touch.

    The automatic update process may take up to a week depending on the
    day that iTunes checks for updates. You may manually obtain the
    update via the Check for Updates button within iTunes. After doing
    this, the update can be applied when your iPhone or iPod touch is
    docked to your computer.

    To check that the iPhone or iPod touch has been updated:

    * Navigate to Settings
    * Select General
    * Select About. The version after applying this update will be
    "4.0 (8A400)" or later.

    Information will also be posted to the Apple Security Updates
    web site: http://support.apple.com/kb/HT1222



    iOS 3.2.2 Update for iPad is now available and addresses the
    following:

    FreeType
    CVE-ID:  CVE-2010-1797
    Available for:  iOS 3.2 and 3.2.1 for iPad
    Impact:  Viewing a PDF document with maliciously crafted embedded
    fonts may allow arbitrary code execution
    Description:  A stack buffer overflow exists in FreeType's handling
    of CFF opcodes. Viewing a PDF document with maliciously crafted
    embedded fonts may allow arbitrary code execution. This issue is
    addressed through improved bounds checking.

    IOSurface
    CVE-ID:  CVE-2010-2973
    Available for:  iOS 3.2 and 3.2.1 for iPad
    Impact:  Malicious code running as the user may gain system
    privileges
    Description:  An integer overflow exists in the handling of IOSurface
    properties, which may allow malicious code running as the user to
    gain system privileges. This issue is addressed through improved
    bounds checking.


    Installation note:

    These updates are only available through iTunes, and will not appear
    in your computer's Software Update application, or in the Apple
    Downloads site. Make sure you have an Internet connection and have
    installed the latest version of iTunes from www.apple.com/itunes/

    iTunes will automatically check Apple's update server on its weekly
    schedule. When an update is detected, it will download it. When
    the iPad is docked, iTunes will present the user with
    the option to install the update. We recommend applying the update
    immediately if possible. Selecting Don't Install will present the
    option the next time you connect your iPad.

    The automatic update process may take up to a week depending on the
    day that iTunes checks for updates. You may manually obtain the
    update via the Check for Updates button within iTunes. After doing
    this, the update can be applied when your iPad touch is docked to
    your computer.

    To check that the iPad touch has been updated:

    * Navigate to Settings
    * Select General
    * Select About. The version after applying this update will be
    "4.0 (7B500)" or later.

    Information will also be posted to the Apple Security Updates
    web site: http://support.apple.com/kb/HT1222
     
    Michelle Steiner, Aug 11, 2010
    #1
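The advisory quoted in the post above attributes CVE-2010-1797 to a stack buffer overflow in CFF opcode handling, fixed by "improved bounds checking". The following added example (not FreeType's or Apple's code) shows that class of check on a simplified Type 2 charstring operand stack. The names `cs_scan` and `cs_scan_run` are hypothetical, and the model assumes every operator clears the stack.

```c
#include <stdint.h>
#include <string.h>

#define CS_MAX_OPERANDS 48  /* operand-stack limit for Type 2 charstrings */
enum { CS_STACK_OVERFLOW = -1, CS_TRUNCATED = -2 };

/* Simplified: every operator clears the stack. Returns operands left, or <0. */
int cs_scan(const uint8_t *p, size_t len, int32_t *top_value)
{
    int32_t stack[CS_MAX_OPERANDS], v;
    size_t top = 0, i = 0;
    while (i < len) {
        uint8_t b = p[i++];
        if (b == 28) {                          /* 16-bit operand */
            if (len - i < 2) return CS_TRUNCATED;
            v = (int16_t)((p[i] << 8) | p[i + 1]);
            i += 2;
        } else if (b >= 32 && b <= 246) {       /* one-byte operand */
            v = (int32_t)b - 139;
        } else if (b >= 247 && b <= 254) {      /* two-byte operand */
            if (i >= len) return CS_TRUNCATED;
            v = b <= 250 ? (b - 247) * 256 + p[i++] + 108
                         : -(b - 251) * 256 - p[i++] - 108;
        } else if (b == 255) {                  /* 16.16 fixed operand */
            if (len - i < 4) return CS_TRUNCATED;
            v = (int32_t)((uint32_t)p[i] << 24 | (uint32_t)p[i + 1] << 16 |
                          (uint32_t)p[i + 2] << 8 | p[i + 3]);
            i += 4;
        } else {                                /* operator; 12 is a 2-byte escape */
            if (b == 12 && i++ >= len) return CS_TRUNCATED;
            top = 0;
            continue;
        }
        /* Bounds check before the write: a push with no room is refused. */
        if (top >= CS_MAX_OPERANDS) return CS_STACK_OVERFLOW;
        stack[top++] = v;
    }
    if (top) *top_value = stack[top - 1];
    return (int)top;
}

/* Constructed input: a run of n one-byte operands (0x8B encodes 0). */
int cs_scan_run(size_t n)
{
    uint8_t buf[256];
    int32_t v = 0;
    memset(buf, 0x8B, sizeof buf);
    return cs_scan(buf, n > sizeof buf ? sizeof buf : n, &v);
}
```

Without the `top >= CS_MAX_OPERANDS` test, the 49th consecutive operand would be written past the end of the fixed-size array on the C stack, which is the failure mode the advisory names.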

  2. Michelle Steiner

    Larry Guest

    And all this time fanboiz told me none of this could happen to iPhones....

    I'm SHOCKED!
     
    Larry, Aug 12, 2010
    #2

  3. And all this time fanboiz told me none of this could happen to
    iPhones....

    No one told you that none of this could happen to iPhones. Please stop
    hallucinating.
     
    Michelle Steiner, Aug 12, 2010
    #3
  4. Michelle Steiner

    JF Mezei Guest


    Will Apple announce when people who need to jailbreak their iphones
    will safely be able to upgrade and then jailbreak?

    :) :) :) :)
     
    JF Mezei, Aug 12, 2010
    #4
  5. Michelle Steiner

    DevilsPGD Guest

    In message <2010081209365775625-jasonsavlov@mecom> Jason S
    Yup -- And credit where it's due, they released it reasonably promptly
    too given the need to develop and QA the fix.

    Kudos to Apple on this one.
     
    DevilsPGD, Aug 12, 2010
    #5
  6. Michelle Steiner

    Larry Guest

    You stupid bastards can't even tell sarcasm when it slaps you in the
    face.....SO intense!
     
    Larry, Aug 12, 2010
    #6
  7. Michelle Steiner

    Guest Guest

    there aren't that many of them in circulation.
     
    Guest, Aug 13, 2010
    #7
  8. Your history here says that your claim that it was sarcasm is nothing but a
    CYA lie.
     
    Michelle Steiner, Aug 13, 2010
    #8
  9. Michelle Steiner

    Larry Guest

    d.example.com:
    Oh, sure. You forgot to call me a nasty name....
     
    Larry, Aug 13, 2010
    #9
  10. Oh, sure. You forgot to call me a nasty name....

    Let's see. You called us "bastards", but I don't see myself calling you a
    name.
     
    Michelle Steiner, Aug 13, 2010
    #10
  11. Michelle Steiner

    Guest Guest

    considering that they don't run 4.x, it would be difficult and not
    worth the effort.
     
    Guest, Aug 13, 2010
    #11
  12. Michelle Steiner

    Guest Guest

    that proves my point exactly.

    according to that report, only 4% of ios devices in march were first
    generation (about 3.4 million, assuming 85 million total). in other
    words, the 4.0.2 fix supports 96% of the user base.

    it's now four months later and there are now over 15 million *more* ios
    devices, totaling well over 100 million (reached a little over a month
    ago), so the percentage of the older devices is even smaller, and
    that's assuming those users are still using them. chances are that they
    have upgraded to something newer, so the number of those old devices is
    *really* low.
     
    Guest, Aug 13, 2010
    #12
  13. Michelle Steiner

    DevilsPGD Guest

    In message <130820100928034049%> nospam
    As a general rule, vulnerabilities that span versions indicate that the
    code hasn't substantially changed between those versions. This isn't a
    guarantee, of course, and you still need to expend QA resources to
    address the issue.

    More important though is that Apple did write, QA and release a 3.x fix,
    so it's not entirely unreasonable to hope/expect that the same would be
    done for other devices stuck in 3.x.
     
    DevilsPGD, Aug 13, 2010
    #13
  14. Michelle Steiner

    Guest Guest

    ipad 3.2? that's already quite a bit different than what's on the
    iphone/ipod.

    it would be nice if they did do 3.1.4, but there are too few units out
    there to bother. at some point, support for older devices stops. this
    is that time for first generation devices.
     
    Guest, Aug 13, 2010
    #14
  15. Michelle Steiner

    Guest Guest

    because the ipad is a currently sold product that's fully supported and
    4.1 is probably a month away.

    compare that to a three year old iphone or ipod touch that hasn't been
    sold for about 2 years, can't run 4.x (i.e., not supported anymore) and
    lacked some of the features of the newer hardware even with 3.x (e.g.,
    peer to peer over bluetooth).
     
    Guest, Aug 13, 2010
    #15
  16. Michelle Steiner

    Guest Guest

    where do you draw the line? one day support for older devices stops.
    heh, actually, there are about 3 million 1st gen devices (see graph in
    another post), assuming nobody upgraded to a 3gs or iphone 4 or an
    android device over the past couple of months (not a good assumption).
    in other words, it's probably about 1-2 million now, and it's likely
    that those people don't use all of the capabilities, i.e., read pdfs,
    on their devices or they would have upgraded by now.
    i doubt it's related. there just aren't that many gen 1 devices around
    anymore.
     
    Guest, Aug 14, 2010
    #16
  17. Michelle Steiner

    DevilsPGD Guest

    In message <130820101114005458%> nospam
    Yeah I realize that, but it's not as though the whole OS needs a
    rewrite, it's likely a matter of updating one or more libraries.

    It's obviously a non-zero effort, but the hard work is already done.

    OTOH at some point you have to draw the line. Apple is quicker to throw
    older-but-not-all-that-old equipment to the wolves, but that's
    ultimately a business decision.
     
    DevilsPGD, Aug 14, 2010
    #17
  18. Michelle Steiner

    Marc Stibane Guest

    http://blog.iphone-dev.org/post/941467261/fixing-what-apple-wont
     
    Marc Stibane, Sep 14, 2010
    #18