Apple closes jailbreak hole, another opens

iPhone 4

Apple has moved quickly to plug a hole in iOS which allowed people to jailbreak their iPhones and iPads.

The vulnerability was used by the JailBreakMe crew to allow people to run non-approved apps on their Apple devices.

Security researchers warned about the dangers the vulnerability posed, potentially leaving users open to data theft.

Apple responded by saying it was working on a fix, which it has now included in the iOS 4.3.4 release.

However, certain jailbreakers have claimed to have found a workaround for the update, requiring users to hook up their Apple device to a computer for a "tethered jailbreak."

The new jailbreak does not work on the iPad 2 and needs the user to jailbreak their device again if it runs out of battery or restarts, according to a report on Redmond Pie.

Security researchers have continued to voice concerns about the original bug too, claiming it provided a potential model for malicious hackers.

"The enormous number of iPhones out there, coupled with the 'click-and-be-hacked' potential demonstrated by the JailbreakMe tool, showed hackers that this bug could have been used to distribute a wide variety of malware," said Andrew Storms, director of security operations for vulnerability management firm nCircle.

"Fortunately for Apple and millions of iPhone users, so far we haven't seen massive attacks using this bug in the wild. Now we just have to wait and hope users will install the latest patches as soon as possible because there are no known mitigations available."

The JailBreakMe developers had written their own patch, but it would only work for jailbroken iPhones and iPads.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.