As promised, Apple has released a new incremental update for customers using iOS devices to patch a vulnerability that could allow arbitrary code execution for gaining system privileges. iOS 4.0.2 is a free software update for all supported iPhone, iPod touch models.
A note on the Support section of Apple’s web site reveals that iOS 4.0.2 “fixes security vulnerability associated with viewing malicious PDF files.” The vulnerability is known to have allowed hackers to create an untethered jailbreak tool for iOS devices.
According to Apple, products compatible with this software update are the iPhone 3G, iPhone 3GS, iPhone 4, iPod touch 2nd generation and iPod touch 3rd generation (late 2009 models
with 32GB or 64GB).
As explained by F-Secure in a post on the security issues surrounding iOS 4, it was actually two vulnerabilities that the jailbreakme.com hack leveraged to compromise iOS devices.
“First one uses a corrupted font embedded in a PDF file to execute code and the second one uses a vulnerability in the kernel to escalate the code execution to unsandboxed root,” Mikko, of F-Secure wrote.
Also, according to Apple, the issue has been present in the iPhone operating system since version 2.0.
A Support document on Apple’s web site now acknowledges the two holes which, according to the iPhone maker, have been plugged as of iOS 4.0.2.
Available for: iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod touch (2nd generation) and later, “A stack buffer overflow exists in FreeType's handling of CFF opcodes,” the company explains.
“Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution,” the Cupertino-based company reveals. “This issue is addressed through improved bounds checking.”
“An integer overflow exists in the handling of IOSurface properties, which may allow malicious code running as the user to gain system privileges,” Apple adds, referring to the second hole that iOS 4.0.2 plugs. “This issue is addressed through improved bounds checking,” the company concludes.
Owners of a supported iPhone or iPod touch may update to the new iOS version by connecting their device to a computer with iTunes installed. The software will notify them of the new software version, at which point the user can choose to download and install the update automatically.
Alternately, users may download the iOS 4.0.2 IPSW file manually (download link below) and selectively restore to the new firmware with iTunes, using the Alt (Option) key.
iOS Software Update for iPhone 3GS
iOS Software Update for iPhone 3G
iOS Software Update for iPod Touch 3G
iOS Software Update for iPod Touch 2G