A new, web-based jailbreaking tool available for the iPad 2 leverages a vulnerability in the way Apple’s mobile operating system, iOS, handles PDF files.
A hacker calling himself Comex released the tool, called JailbreakMe 3, on Wednesday. It allows users to install applications that are not available through Apple’s official App Store.
Besides the iPad 2, the jailbreak also works on iPhone and iPod Touch devices running iOS versions 4.3 through 4.3.3. Users can install the tool simply by visiting Jailbreakme.com from their iOS-powered devices.
But researchers have expressed concern that the flaw used in the jailbreak could be abused by criminals.
“Someone with more nefarious intentions could also abuse the vulnerability to install malicious code on your iPad or iPhone,” Graham Cluley, senior technology consultant at anti-virus firm Sophos, wrote in a blog post Wednesday.
Such tools can offer a “blueprint” for infecting devices, Cluley said. Attackers, for example, could create rigged web pages that exploit the flaw to install malware when visited from a vulnerable device.
Comex acknowledged that hackers could leverage the flaw to create an iPhone virus, but said the risk is likely “theoretical” and that his research will actually make Apple devices safer in the future.
“Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable,” Comex wrote on the JailbreakMe site. “Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run.”
Along with the jailbreak tool, Comex created a patch for the flaw and made it available on the unofficial app store Cydia. The fix, known as PDF Patch 2, can only be installed on a jailbroken device, however.
“Until Apple releases an update, jailbreaking will ironically be the best way to remain secure,” the hacker wrote.
Sophos’ Cluley urged Apple to close the vulnerability as soon as possible, before it is exploited by those with malicious intent.
“Leaving a security hole like this open is simply inviting malicious hackers to exploit it,” he wrote.
Apple dealt with a similar issue last year following the release of JailbreakMe 2.0, which made use of two iOS flaws to jailbreak the iPhone 4 and other versions of the phone, along with iPad and iPod Touch devices. In that case, it took the Cupertino, Calif., computing giant two weeks to issue a patch.
Apple did not immediately respond when contacted by SCMagazineUS.com Wednesday.