Reprinted from TidBITS#1085/18-Jul-2011 with permission. Copyright (C) 2011, TidBITS. All rights reserved. http://www.tidbits.com/ iOS 4.3.4 and 4.2.9 Fix PDF Vulnerability ----------------------------------------- by Adam C. Engst article link: 1 comment Apple has released iOS 4.3.4 for the GSM iPhone 4 and 3GS, the iPad and iPad 2, and the 3rd and 4th generations of the iPod touch, along with iOS 4.2.9 for the CDMA iPhone 4. Both updates address a security vulnerability associated with viewing a malicious PDF file. Also fixed is a vulnerability that could enable malicious code running as the user to gain system privileges. The PDF-based vulnerability, caused by a buffer overflow in the handling of TrueType and Type 1 fonts, was used in a recent jailbreaking effort — by definition, jailbreaking involves exploiting a security hole in iOS. The updates are available only via iTunes, and despite the minimal changes, they’re big, so allot plenty of time to download and install. ---- read/post comments: tweet this article: .