Apple pushes security updates for mobile devices

Apple issued a pair of updates on Wednesday for mobile devices running its iOS, which includes iOS 4.0.2 for iPhone and iPod touch and iOS 3.2.2 for the iPad.

The first update addresses a flaw in how the iOS handles PDFs, which prompted Apple to warn customers last week to refrain from opening PDF files until an update was issued. Security researchers investigating the flaw warned that attackers could use maliciously crafted PDFs to execute arbitrary code on the devices.

According to the security bulletins released by Apple, the second vulnerability involves an integer overflow flaw that “may allow code running as the user to gain system privileges”.

The two vulnerabilities were discovered after a team posted a jailbreak method for the new iPhone 4 on the website The web-based jailbreak method allows users to install unapproved applications not provided through the Apple iTunes store.

Apple advised that both updates are available on iTunes.

What’s Hot on Infosecurity Magazine?