iOS 4.3.4 Could Be Released Soon To Patch Leaked JailbreakMe 3.0 Exploit. Backup Your 4.3.3 SHSH Blobs Now
While iOS 5 is quickly nearing completion, Apple might feel the need to issue one final update for iOS 4: iOS 4.3.4. According to people familiar to the matter in the jailbreaking scene, Apple might indeed be preparing a final update for iOS to render the recently-leaked JailbreakMe iPad 2 jailbreak useless.
This vulnerability became known when a pre-release version of JailbreakMe 3.0 was leaked in the wild yesterday by a private beta tester. The tool is the first widely available untethered iPad 2 jailbreak, although it works with any device running iOS 4.3.3 or earlier, all thanks to a PDF exploit in Mobile Safari. Just so you can put this into perspective, JailbreakMe is as easy as opening the malicious PDF document, as we described on our original article. The software will then load the code onto the user’s device through the PDF exploit and begin the installation process.
The first version of JailbreakMe, released in 2007, relied on a a PDF exploit present in iOS 1.1.1; after it got, fixed, the hacking community has subsequently caught up. Version 2.0 became available later on, with support for a broader range of operating systems and devices, although the vulnerability it relied on was quickly fixed. Now that a new exploit has been found and can be taken advantage of so easily, Apple might be looking to shoot down the new release of JailbreakMe before the official version is even released. This seems to be the consensus in the iOS jailbreaking community, with many prominent developers suggesting that we’ll see a fix "very soon", including @veeence:
Apple is already fixing the PDF vulnerability (and thus patching the jailbreak) while users don’t even have the JB yet. Leakers… Useless.
Many, including the likes of i0n1c, are urging 4.3.3 users to back up their blobs (find out how here using iFaith. TinyUmbrella can also be used) and stay away from the update:
An iPad2 4.3jB via PDF was leaked to the masses.that means Apple will reverse the xploit tonight and 4.3.4 will kill the jb before it is out
We’ll keep you updated as we find out more about iOS 4.3.4, or if it’s actually real or not. Meanwhile, make sure to back up your iOS 4.3.3 blobs and stay away from the upgrade.
You can follow us on Twitter or join our Facebook fanpage to keep yourself updated on all the latest from Microsoft, Google and Apple.