Charlie Miller is no stranger to exploiting iOS on the iPhone. We earlier reported that Charlie won the Pwn2Own challenge in Vancouver for exploiting an iPhone 4 (he’s won it three years in a row).
With yesterday’s release of iOS 4.3.1, it was wide expected that the exploits revealed in Pwn2Own would be covered up by Apple. However, that hasn’t happened, as predicted. Charlie speaks out on twitter that the Pwn2Own exploit is still wide open:
iOS 4.3.1 does not fix the pwn2own bug. It’s weird they fixed it in the next os x update after the contest, but not the next iPhone update.
More time for the bad guys to get their bindiff->iPhone exploit workflow going.
Note to followers: the pwn2own bug by itself does not help jailbreaking or unlocking.
A jailbreak for iOS 4.3.1 has already been released, but it’s a complex process as you’ll see via this tutorial on Redmond Pie. The cat and mouse game continues. We’ll have to continue to wait patiently to see what the dev teams can conjure up.