The exploit, which takes advantage of a hole in Apple’s mobile Safari application, allows a user to jailbreak their device by loading an “infected” PDF file to gain root privileges. Comex’s recently released JailbreakMe website tool uses the same process.
However, a German IT agency has warned that the same exploit can be used by criminals to access and steal sensitive data, stating that it “is sufficient to infect the mobile device with malware without the user’s knowledge”.
Apple has responded to these reports and has said it is “aware of this reported issue and developing a fix that will be available to customers in an upcoming software update.”
It is believed that Apple will issue iOS 4.3.4 to fix the security hole, which it likely to be the one of the last updates before it releases iOS 5, with over 100 new features and fixes.