iOS 4.3.4 update fixes iPhone, iPad PDF security flaw

ios-4-update

Apple said two weeks ago that it was aware of an iOS security flaw that could leave iPhone and iPad users vulnerable to attack via malicious PDF files. The exploit could have been used by hackers to gain access to Apple mobile devices and view user data, or infect the devices without user knowledge. Apple promised an update to patch the flaw, and it’s available now through iTunes.

Software version 4.3.4 promises to fix the critical security issues, along with other minor bug fixes. According to Apple’s security update page:

Available for: iOS 3.0 through 4.3.3 for iPhone 3GS and iPhone 4 (GSM model), iOS 3.1 through 4.3.3 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.3 for iPad

Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

Description: A buffer overflow exists in FreeType’s handling of TrueType fonts. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

The update is for GSM models of the iPhone 4, iPhone 3GS, iPad 2 and third and fourth iPod touch models. For the CDMA iPhone users on Verizon, software version 4.2.9 is available.

There is also an IOMobileFrameBuffer fix:

Available for: iOS 3.0 through 4.3.3 for iPhone 3GS and iPhone 4 (GSM model), iOS 3.1 through 4.3.3 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.3 for iPad

Impact: Malicious code running as the user may gain system privileges

Description: An invalid type conversion issue exists in the use of IOMobileFrameBuffer queueing primitives, which may allow malicious code running as the user to gain system privileges.

If you own any of the aforementioned devices, and haven’t yet updated your software, it is highly recommended you do so in order to protect your device from any malicious software or attacks. Be sure you have time, however, as the file size for the software fix is close to 700MB. Depending on your connection speed, the total download and update time may take up to 25 minutes.

  • Sammy

    Did anyone notice any performance improvements?

    • Alphared

      Worked like a charm for me, thanks for the heads-up.  And no, no performance improvements as far as I can tell…

  • gerso

    the only reason i would update and lose my jailbreak before ios 5 is if this 4.3.4 had a preview of the 5 features. no deal.

  • Jpelectrical Antennas

    hey can any one help me?im trying to get face book app on my iphone 4 that i have had for a couple of years though when i go to install the app is says that this app requires iOS 4.3. Cheers Jase

Back to top ▴