Apple Releases iOS 4.0.2 [Don't Update] [3x]
Posted August 11, 2010 at 3:29pm by iClarified
Apple has released iOS 4.0.2 for the iPhone. Do not update your device until more details about the firmware are discovered.
It is VERY important that you have your SHSH blobs for 4.0 or 4.0.1 saved. Apple will stop signing 4.0.1 in just a few minutes/hours.
Follow one of these tutorials ASAP:
- Windows
- Mac
It's thought that the 4.0.2 update will patch the PDF vulnerability that comex used to perform his jailbreak.
Update:
Planetbeing tweets that Apple hasn't bothered to patch the exploit for the first generation iPhone. Are you serious, Apple's not going to patch the Safari remote execution on the first gen iPhone???!
Update 2:
Apple has posted a support document outlining the security issue that has been fixed.
A stack buffer overflow exists in FreeType's handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.
Update 3:
MuscleNerd notes that the baseband hasn't been updated in 4.0.2. iPhone 4 baseband isn't updated in 4.0.2, but ultrasn0w requires JB. 4.0.1 SHSH blobs will protect you from "oops" update
It is VERY important that you have your SHSH blobs for 4.0 or 4.0.1 saved. Apple will stop signing 4.0.1 in just a few minutes/hours.
Follow one of these tutorials ASAP:
- Windows
- Mac
It's thought that the 4.0.2 update will patch the PDF vulnerability that comex used to perform his jailbreak.
Update:
Planetbeing tweets that Apple hasn't bothered to patch the exploit for the first generation iPhone. Are you serious, Apple's not going to patch the Safari remote execution on the first gen iPhone???!
Update 2:
Apple has posted a support document outlining the security issue that has been fixed.
A stack buffer overflow exists in FreeType's handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.
Update 3:
MuscleNerd notes that the baseband hasn't been updated in 4.0.2. iPhone 4 baseband isn't updated in 4.0.2, but ultrasn0w requires JB. 4.0.1 SHSH blobs will protect you from "oops" update