Comex had released JailbreakMe 3.0 – one of the easiest solutions to jailbreak iPhone, iPad and iPod Touch early last week, which uses a userland exploit to jailbreak and install Cydia on an iOS device using mobile Safari.
Security experts had raised concerns that the vulnerability in iOS could be exploited in a similar way by malicious websites to install malware. Apple had acknowledged the issue earlier in the week and announced that it will release a patch to fix the vulnerability shortly.
According to the release notes, iOS 4.3.4 and iOS 4.2.9 includes the following changes:
Fixes security vulnerability associated with viewing malicious PDF files.
iOS 4.3.4 supports the following iOS devices:
- iPhone 4, iPhone 3GS
- iPod Touch 4G, iPod Touch 3G
- iPad 2, iPad 1
iOS 4.2.9 supports:
- Verizon iPhone 4
Comex expected Apple to release an iOS software update (iOS 4.3.4) to fix the vulnerability used in JailbreakMe 3.0 and has advised users to take a backup of SHSH blobs. You can use TinyUmbrella for iOS 4.3.3 or iOS 4.2.8 to take a backup of your SHSH blobs so that you can downgrade to the older version of iOS if required. Jailbreakers and iPhone unlockers should also avoid upgrading to iOS 4.3.4 if it is released, until the jailbreak community does not release the latest tools for iOS 4.3.4.
If you don’t want to upgrade to iOS 4.3.4, but don’t want to be exposed to the security vulnerability then you can install PDF Patcher 2 on Cydia to fix the vulnerability associated with viewing malicious PDF files. You can checkout the instructions to install it in this post.
If you don’t care about jailbreaking or unlocking your iPhone then you can update your iPhone with iOS 4.3.4 or iOS 4.2.9 via iTunes.
Here are the direct download links for iOS 4.3.4 and iOS 4.2.9:
- iPhone 3GS
- iPhone 4 (GSM)
- iPhone 4 (Verizon)
- iPad 2
- iPad 2 (GSM)
- iPad 2 (Verizon)
- iPod touch 3G
- iPod touch 4G
iOS 4.3.4 is out…please don’t update, or you’ll lose your jailbreak! And back up your 4.3.3 blobs soon!
As always, let us know how it goes and if you notice anything interesting in the comments.