A newly discovered security flaw provide “unrestricted access” to your iPhone, iPad or iPod Touch on virtually all versions of iPhone firmware, short of the iOS 4.1 beta, currently in the hands of developers for testing. Symantec, which first discovered the security flaw, says Apple needs to patch the vulnerability ASAP, lest the bad guys cause a bit of havoc.
The exploit takes advantage of the way the “iOS system, and in particular Safari web app,” loads fonts inside PDF files, and could potentially leave anyone in “full” control of your Apple device — with granted powers including ability to delete all your files, install rogue apps which monitor your usage and much more. It can apparently be broken into two parts, “One relates to the way browser reads and parse PDF files which in turn allows access to iOS’s ‘protective sandbox’, while second hole allows the code to get out of the ‘sandbox’ and access root control of the device.”
Symantec has basically begged Apple to patch the flaw. As of now, the exploit only exists on paper, but now that it’s “out there,” well, the countdown has started.