Apple releases iOS 4.3.5 to address certificate violation issue
Apple on Monday released iOS 4.3.5 for the iPhone, iPad and iPod touch, addressing a security vulnerability related to certificate violation.
The update comes less than two weeks after iOS 4.3.4 was released. It is available for the GSM iPhone 4, iPhone 3GS, iPad 2, iPad, and third- and fourth-generation iPod touch.
Also released on Monday was iOS 4.2.10 for the CDMA iPhone, available on Verizon's network.
The previous iOS update was released on July 15. It patched a security hole related to viewing PDFs in the Mobile Safari Web browser, an exploit that had been utilized by hackers to "jailbreak" the iPhone and iPad.
Though security fixes have been issued, Apple is not expected to add any major new features to iOS 4. The company is focused on delivering the next-generation version of its mobile operating system, iOS 5, to users this fall.
iOS 5 is currently in beta and is being tested by developers who write software for iPhones and iPads. The fourth beta of iOS 5 was issued to developers last Friday.
The update comes less than two weeks after iOS 4.3.4 was released. It is available for the GSM iPhone 4, iPhone 3GS, iPad 2, iPad, and third- and fourth-generation iPod touch.
Also released on Monday was iOS 4.2.10 for the CDMA iPhone, available on Verizon's network.
The previous iOS update was released on July 15. It patched a security hole related to viewing PDFs in the Mobile Safari Web browser, an exploit that had been utilized by hackers to "jailbreak" the iPhone and iPad.
Though security fixes have been issued, Apple is not expected to add any major new features to iOS 4. The company is focused on delivering the next-generation version of its mobile operating system, iOS 5, to users this fall.
iOS 5 is currently in beta and is being tested by developers who write software for iPhones and iPads. The fourth beta of iOS 5 was issued to developers last Friday.
Comments
Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.
Thanks for inciting something that wasn't going to happen.
All this is fluff before iOS 5, anyway. I'm sure plenty of "valid" users won't even upgrade.
Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.
They only did this to prevent me from jailbreaking my phone - even though I don't jailbreak it to begin with!
All better now, huh?
I see it as a very positive thing that Apple isn't shy about releasing security updates
Thanks for inciting something that wasn't going to happen.
All this is fluff before iOS 5, anyway. I'm sure plenty of "valid" users won't even upgrade.
Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.
Legal perhaps. But not moral. The EULA stipulates against jailbreaking.
Legal perhaps. But not moral. The EULA stipulates against jailbreaking.
Morality?
So if I create a product where the EULA stipulates that you're not allowed to eat meat while using my product, and you accept the EULA, that makes that activity immoral? If so, I think I just might start slipping such provisions into EULAs. Nobody besides lawyers reads those things anyways.
Hey! No comments about how Apple is just doing it to cheat the jailbreak community out of their legal right to jailbreak their phones. I'm impressed.
Yeah, Apple should show more fairness and give jealbreakers and malicious hackers also a chance, closing security holes so quickly is just not fair towards these two groups of people, they don't get a fair chance to do what they want to do.
Yeah, Apple should show more fairness and give jealbreakers and malicious hackers also a chance, closing security holes so quickly is just not fair towards these two groups of people, they don't get a fair chance to do what they want to do.
Apple isn't legally obligated to leave holes open for people to jailbreak their phones. They wrote the OS and built the hardware, they can do whatever they want with it to keep it their product. Not to mention it was a security flaw.
Complete and utter scare tactic to prevent people from jailbreaking. Nothing more.
Your the kind of muppet that would post "epic fail, Apple leave glaring security hole open on the iPhone" if they didnt patch it.
Apple isn't legally obligated to leave holes open for people to jailbreak their phones. They wrote the OS and built the hardware, they can do whatever they want with it to keep it their product. Not to mention it was a security flaw.
He was joking!
I agree that most people should upgrade to this as quickly as possible. Surely, one of the reasons for Apple is to close another possible loophole for jailbreaking; I'm not interested in that - I did in the "original iPhone" days to get one working with my then non-supported German carrier through an unlock, which I don't need to do anymore - so I couldn't care less.
What one should keep in mind for the sake of this discussion is a simple fact of life. Whatever allows someone to jailbreak their phone can also be exploited by malware, doing bad things to your data and your device. And one of the key reasons why iPhone, among the other mobile platforms, has seen the least amount of trouble with that kind of issue is clearly Apple's attention to those loopholes, their ability and willingness to fix them quickly and a really well-working upgrade process with a very good adoption rate.
I for myself prefer to keep it that way, and with the current condition of the official app store and most software pricing, that's a very small price to pay for me to have such peace of mind.
Fl.
FYI, I used this exploit to painlessly jailbreak my iPad 2, then I immediately went to Cydia and installed the jailbreak friendly patch for said vulnerability, called "PDF Patcher 2."
FWIW, I think the PDF vulnerability was fixed with 4.3.4; this is something new related to some kind of certificate handling. It is not totally clear whether this can be used for jailbreaking and/or exploits, but in case of doubt, I'll trust Apple that it can be used to do something nasty. :-)
FWIW, I think the PDF vulnerability was fixed with 4.3.4; this is something new related to some kind of certificate handling. It is not totally clear whether this can be used for jailbreaking and/or exploits, but in case of doubt, I'll trust Apple that it can be used to do something nasty. :-)
Thanks for the heads up. Hopefully someone will/has post(ed) a patch for us folks.