Gizmodo is reporting today that all iPads, as well as any iPhones and iPod touches with iOS 4 installed, are potentially vulnerable to a security bug that could take total control of their device. According to Gizmodo, simply visiting a malicious site with your Safari browser would enable the site to automatically load a simple PDF document, with a font that hides a special program. When your iPad or other device tries to open the file, it will cause a stack overflow, which will then enable the secret code inside the font to seize control of your iPad.
Sounds pretty scary, and it gets worse. Gizmodo says that once it gains hold of your iPad, the malicious code will be able to do whatever it likes, including deleting and transmitting files and installing background programs to monitor your actions. It might even try to beat your Angry Birds high score. Now that really would be scary.
Gizmodo says that the main way that you can protect your iPad from the vulnerability right now is to avoid going directly to any PDF links, and taking care not to load any PDFs from an unfamiliar source. Apparently jailbroken iPhones also have a system that will alert you before you download potentially malicious PDFs ("PDF loading warner" in Cydia).
Apple hasn't commented on the supposed security issue so far, so, as ever, watch this space.
Source: Gizmodo
