By just loading a PDF file on your iPhone, iPad or iPod Touch, you could be handing over complete access to your device in what could quickly become a major security breach.
The same technique used in the first web-based Jailbreak for iPhone can be utilized by hackers to seize control of your phone via a program that can be delivered via PDF to any iOS device running 3.1.2 or higher, according Gizmodo and CNET.
Here’s how it works: whenever a user loads a PDF document, it has to load the fonts associated with it. A font can be inserted into the PDF containing a program that will cause a stack overflow. The result is that the program can pass the iPhone’s security defenses and then break out of its protective sandbox to deal critical damage to your phone.
This exploit is how JailbreakMe is able to jailbreak the iPhone just by visiting the website and sliding the “Slide to Jailbreak” button. While JailbreakMe may be benign, hackers could reverse-engineer JailbreakMe’s exploit for their own nefarious purposes.
Because this exploit can be launched just by clicking a link, it could quickly become very dangerous if Apple doesn’t release a new version of iOS with the fix soon. For now, check the links you open and don’t open PDFs unless they’re from sources you completely trust.