Apple fixes iOS 4.0 "security holes", Will release update "likely" in iOS 4.1

In response to security flaw discovered on its iOS-powered devices, Apple said that it "We're aware of this reported issue, we've already developed a fix and it'll be available to customers in an upcoming software update," an Apple spokesperson told. The update will likely be in iOS 4.1, currently being tested by registered Apple iPhone […]

In response to security flaw discovered on its iOS-powered devices, Apple said that it "We're aware of this reported issue, we've already developed a fix and it'll be available to customers in an upcoming software update," an Apple spokesperson told. The update will likely be in iOS 4.1, currently being tested by registered Apple iPhone developers."

The two security exploits, highlighted by only current web-based iPhone jailbreak, relate to the way iOS web browser, Safari, reads PDF files on iPad, iPhone and iPod Touch. One of the exploits utilizes the methods that Safari uses to read and parse PDF files to gain access to the 'protective sandbox', while the second hole allows the code to get out of the 'sandbox' and access root control privileges for the device -- potentially allowing hackers the ability to install rogue apps that could monitor user actions -- is so worrying that the German Government's Federal Office for Information Security suggested users avoid opening PDF files until a fix is made available.

[Source]