updated 02:00 pm EDT, Fri July 15, 2011
Fixes PDF vulnerabilities, wrecks JailbreakMe
Via iTunes, Apple has released iOS 4.3.4, a minor update of its firmware for the iPhone, iPad and iPod touch. The update appears to concentrate primarily on security issues, namely the possibility of exploits using malicious PDF files. Vulnerabilities were present in FreeType's handling of TrueType and Type 1 fonts. A hole in IOMobileFrameBuffer, meanwhile, theoretically allowed an attacker to get system privileges.
The patch fulfills a promise made to German authorities last week. It should also, however, ruin the latest incarnation of JailbreakMe. Thanks to PDF holes, JailbreakMe required only visiting a website on an iOS device and then rebooting.
The v4.3.4 update is available for the iPhone 4 and 3GS, the iPad 1 and 2, and the third- and fourth-generation iPod touch. CDMA iPhone 4s -- currently, those on Verizon -- must grab an equivalent v4.2.9 release.