iOS 4.3.4 is Released – Patches Jailbreak Exploit
Apple just released the latest iOS update, 4.3.4 for all iDevices (iPhone, iPad, iPod touch). As expected, this update “patches the PDF security exploit.” In other words, jailbreakme.com will no longer jailbreak your iDevice if you update your software.
The latest jailbreak, from developer Comex, used a hold in Apple’s code when opening PDF files. It opened the door to the jailbreak, but it could have also potentially allowed less-trusted sources to tamper with your iDevice, should you open their malicious PDF. Those who are already jailbroken can install an app from Comex that patches the hole after the jailbreak (look for PDF Patcher 2 in this post).
Anyone who has already jailbroken and opened Cydia shouldn’t be affected by this. Their device’s SHSH is stored on Cydia’s servers, which allows them to downgrade back to 4.3.3 (and re-jailbreak) if they ever need to restore their firmware.
Those who have not yet jailbroken can still jailbreak (our instructions here) as long as they don’t update their software in iTunes, but it may already be too late to save their SHSH for 4.3.3. Sometimes there is a delay as to when Apple stops signing a previous firmware though, so it’s worth a try if you’re one of those people.
The software update doesn’t appear to change anything other than patching the exploit. It is recommended for those who are absolutely certain that they never want to jailbreak, but not recommended for anyone else. Apple’s full release notes follow:
OS 4.3.4 Software Update
Fixes security vulnerability associated with viewing malicious PDF files.
Products compatible with this software update:
• iPhone 4 (GSM model)
• iPhone 3GS
• iPad 2
• iPod touch (4th generation)
• iPod touch (3rd generation)