TiPb reports today that the iOS 4.3.4 update that Apple just issued to plug the PDF exploit that had enabled JailbreakMe.com's latest jailbreak also patched another exploit that has been used for untethered jailbreaks since iOS 4.1. This information comes from the Twitter feed of i0n1c, whose tweets on the issue were quoted by TiPb as follows:
For those that did not get it: iOS 4.3.4 does not only fix jbme 3 as announced, but also silently kills the ndrv_setspec() integer overflow.
In addition to that iOS 4.3.4 also adds code to dyld to detect attacks with binaries using incomplete code signing.
Incomplete codesigning attacks were used for all untether exploits from at least iOS 4.1.0
Wonder if {Apple} only tried to stop my xploit from modifying LCs at runtime with the new check, or if they knew it would stop [incomplete codesigning] attacks.
As TiPb notes, i0n1c's last tweet in that list addresses the issue of whether Apple is just trying to plug security leaks or is also actively trying to close down jailbreak exploits specifically.
Source: iOS 4.3.4/4.2.9 also kills untethered exploit dead | TiPb