Apple on Friday moved to plug the vulnerabilities in MobileSafari flagged up ten days ago by the German government. The weaknesses could allow maliciously-crafted PDF files to infect iDevices without installing additional malware, the Germans warned.
So now the king of consumer gadgetry has issued two flavours of the update aimed to plug the holes in all its iDevices.
Apple confirmed a vulnerability exists in FreeType's handling of Type 1 fonts, which a maliciously crafted PDF file could use to execute arbitrary code. It also said an invalid type conversion 'issue' exists in the use of IOMobileFrameBuffer queueing primitives, which could allow malicious code running as the user to gain system privileges
The update is likely to disable the latest web-based JailbreakMe exploit which unlocks the innards of an iDevice allowing software not screened by Apple to be installed.
We'll have to wait and see how long it takes the Jailbreakers to work around this latest Band Aid.