The latest jailbreak solution from @Comex aka JailbreakMe 3.0, which also works on iPad 2 running iOS 4.3.3, exploits a vulnerability found in Mobile Safari which forces users to open a malicious PDF file eventually leading to a successful jailbreak. A fix for this exploit has already been issued by @Comex in the form of PDF Patcher 2 (available in Cydia for free), which he highly recommends should be used as soon as you have jailbroken your iOS device using JailbreakMe 3.0.
However, Apple is quite serious about patching this vulnerability as soon as possible most likely with a software update, perhaps iOS 4.3.4. This has been confirmed by a post by Germany’s Federal Office for Information Security (translated via Google):
The exploit will give the attacker administrative privileges over devices which would include any data, email or contacts stored on the device. So far there is no official patch available for the exploit from Apple. But if you have jailbroken your iOS device, there is a patch available through Cydia.
Apple has responded by saying we are :
“aware of this reported issue and developing a fix that will be available to customers in an upcoming software update.”
This software update will most likely be the last one before iOS 5 is released to public with over 200 new features!
