iOS 4.3.4 Stops Untethered Jailbreaks Too

[Maura]

[FONT=&quot]
[/FONT]
[FONT=&quot]TiPb reports today that the iOS 4.3.4 update that Apple just issued to plug the PDF exploit that had enabled JailbreakMe.com’s latest jailbreak, also patched another exploit that has been used for untethered jailbreaks since iOS 4.1. This information comes from the Twitter of i0n1c, whose tweets on the issue were quoted by TiPb as follows: [/FONT]

“For those that did not get it: iOS 4.3.4 does not only fix jbme 3 as announced, but also silently kills the ndrv_setspec() integer overflow.

In addition to that iOS 4.3.4 also adds code to dyld to detect attacks with binaries using ‘incomplete code signing.’

‘Incomplete codesigning attacks’ were used for all untether exploits from at least iOS 4.1.0

Wonder if {Apple} only tried to stop my xploit from modifying LCs at runtime with the new check, or if they knew it would stop [incomplete codesigning] attacks.â€

[FONT=&quot]As TiPb notes, i0n1c’s last tweet in that list addresses the issue of whether or not Apple is just trying to plug security leaks, or if it is also actively trying to specifically close down jailbreak exploits.[/FONT]

Source: iOS 4.3.4/4.2.9 also kills untethered exploit dead | TiPb

 

[thewitt]

I think it's probably accurate to say that Apple will close all known security holes in time, iOS 5 will also let them do this "on the fly" so they can be more responsive to any known risks.

-t