Informatika és tudomány

  • Ulkesh
    #38
    Charlie Miller had this to say via Twitter:

    "Starting to get a handle on jailbreakme.com exploit. Very beautiful work. Scary how it totally defeats apple's security architecture."

    In our testing, the PDF files crash both Adobe Reader and Foxit on Windows platforms. We detect them as variants of Exploit:W32/Pidief. While these files are not being used maliciously, an exploit is an exploit, and we'll add detections for them.

    Do note that by default, there's no separate PDF viewer on an iPhone. Instead, PDF viewing is built into the Safari browser. The attack uses a corrupted font placed inside the PDF file to crash the Compact Font Format (CFF) handler.