Apple to Release iOS 4.3.1 to Patch Security Holes; Will Delay iOS 4.3 Jailbreak

Yesterday we saw the video of an untethered iOS 4.3 jailbreak by German security expert, Stefan Esser (@i0n1c). The exploit he used is a “buffer overflow in the kernel heap” (someone translate this for me), and has not been discovered yet by Apple.

@i0n1c Says an Early iOS 4.3 Jailbreak Release Will Burn Exploit

With news of the iPhone 4 being exploited at the recent Pwn2Own event in Vancouver, Apple will most likely be pushing forward iOS 4.3.1. If a jailbreak is released for iOS 4.3 now, that exploit will be sealed by Apple in the next iOS update. Therefore, a jailbreak right now for 4.3 should be delayed.

iPhone 4 Hacker Confirms Apple Has Vulnerabilities He Exploited at Pwn2Own

Charlie Miller, the winner of hacking the iPhone 4 noted on twitter that Apple already has the vulnerability info he exploited at Pwn2Own, and will patch it in an update to iOS soon.

The iPhone 4 he hacked on iOS 4.2.1 exploited a hole in MobileSafari. The hole is still open on iOS 4.3, but the new added layers of ASLR security prevents his exploit from running.

[@0xcharlie, @i0n1c]

So if you’re patiently waiting for an untethered iOS 4.3 jailbreak, you might have to wait just a bit longer.