After a traumatizing 10 days when hackers exploited a loop hole in iPhone’s mobile Safari web browser and released a web-based jailbreak utility using that security loophole. Apple responded to the situation and yesterday released the latest update to its iOS operating system running on the iPhone, iPad and the iPod Touch urging users to update their devices to version 4.0.2 of iOS in order to close that security hole. After the hack has been shut by Apple via the official iOS update, the hacker who developed the jailbreak using the loophole has released the source of his exploits, which enable users to install unauthorized apps.
“Impressive. And dangerous,” said Mikko Hypponen, chief research officer at antivirus company F-Secure, on Twitter early today of the exploit code. The exploit code can enable hackers to gain access to the iPad, iPhone or the iPad of a user by luring them to visit a malicious website containing the source code or asking them to click a link or open and e-mail and then gain root access to their device. “@comex thanks, using it to make malicious s*** now,” tweeted someone identified as MTWomg on Twitter. Also, a popular Mac vulnerability researcher, Dino Dai Zovi noted that, “Now that @comex released his jailbreak source, any bets on how long before it is ported to Metasploit?” on twitter.
After the release of the source code for the jailbreakme hack, it is strongly advised to all iPhone, iPad and iPod Touch users to update their iOS to 4.0.2 as it correctly solves the problem. This includes those users as well which have jailbroken their devices.