Attack Of The Killer .PDF’s: JailbreakMe Reveals Massive Security Flaw In iOS and How To Fix it (Sort of)

This image described by iPhone, JailbreakMe, PDF, font bug, PDF-Fix-security-iphone

So it turns out that what make JailbreakMe work so well is a font bug existing in Adobe .PDF files ( which the iPhone is set to automatically download and open.  What's worse, the bug seems to have come from Apple's own PDF rendering engine.  This means, in theory, that any PDF file with the bad code could be tweaked to do worse damage than just a jailbreak.

Luckily, Will Strafach (@cdevwill) came up with a safety fix: a .deb file that you download to your PC or Mac's /var/mobile directory, then install on your jailbroken iPhone. 

To install on a Mac via Terminal:
– ssh root@your IP address
– dpkg -i file.deb

Where "alpine" is the default password you'll get after installing Open SSH from Cydia and "your IP address" is located under Settings – > Wifi – > active wifi connection.

To install on a PC via iFile, navigate to the /var/mobile directory and double-click on the .deb file.

Once installed, the fix will prompt you to confirm every time your iDevice attempts to open a PDF file, manually or automatically.

[Via MacStories ]