iOS 4.0.2 update available to download for iPhone & iPod touch
A security update has been released for iPhone and iPod touch that stops potentially malicious code from being executed on the devices. Released as iOS 4.0.2, the update is in response to the recent release of JailbreakMe, an extremely easy iPhone jailbreak that is browser based and used the exploit that the update patches.
The description of the problem is described by Apple as follows:
A stack buffer overflow exists in FreeType’s handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.
While jailbreaking your iPhone or iPod touch is practically harmless, the potential of a malicious third party attack is of legitimate concern, even if unlikely.
If you have a jailbroken device, you should not install this update quite yet. Likewise, if you want to jailbreak or unlock your iPhone it’s also not a good idea to install the update because there are currently limited jailbreaking and unlock abilities for iOS 4.0.2, with the exception of iPhone 3G which works with ultrasn0w.
Install & Download iOS 4.0.2
To update and install the iOS 4.0.2 update, all you need to do is plug your iPhone or iPod touch to your computer and click on the “Update” button within iTunes. Then click on the ‘Download and Install’ button and let iTunes handle the rest.
If you have a jailbroken device, and you do not install this update, it might only be a matter of time before you are “owned” by some malicious software. The security hole is very serious and should not be underestimated.