Home > Mobile > Hackers uncover new PDF exploit for iOS jailbreak

Hackers uncover new PDF exploit for iOS jailbreak


Have a jail broken phone? Make sure to check out our picks for the best jailbreak apps and games.

Hackers have once again found a weakness in the way Apple’s Mobile Safari browser loads PDF files, making it possible to jailbreak iOS devices without connecting to a computer first. Anyone interested in jailbreaking their device simply needs to point their Mobile Safari browser to jailbreakme.com and follow a simple set of instructions.

JailbreakMe is web-based, but does, however, recommend first connecting to iTunes to perform a backup. Other popular jailbreaking methods require users to download a program to their computers and then connect their device in order to carryout the exploit.

JailBreakMe was developed by “Comex,” Grant “Chpwn” Paul and Jay “Saurik” Freeman. The trio has dubbed their most recent exploit “JailbreakMe 3.” Last August, Comex released JailbreakMe 2, which made use of a similar vulnerability in the way iOS devices handle PDF files. Apple was quick to respond, releasing a patch within a matter of days to address the PDF vulnerability.

This time, the hackers have beaten Apple to the punch. Comex and his squad have already released a patch to protect iOS devices from the latest PDF exploit. But there’s a big catch; in order to download the patch, you’ll need access to the unofficial app repository Cydia, which– you guessed it — is only available for jailbroken devices.

In theory, JailbreakMe 3 exploit could be appropriated by other hackers with less noble intentions. The JailbreakMe hackers say that, while that may be true, they aren’t particularly worried. Comex points out that similar concerns were raised about JailbreakMe 2, but no reports surfaced of any hackers using the exploit malevolently.

“Until Apple releases an update,” Comex says in a FAQ, “jailbreaking will ironically be the best way to remain secure.” No word on when Apple will release its patch, but you can bet that they’re already at work on it.

Get our Top Stories delivered to your inbox: