IPads, iPhones, and iPods are all vulnerable to “critical weaknesses” that could “allow possible attackers to gain administrator rights and get access to the entire system,” Germany’s IT security agency warned today. Clicking on an infected PDF could allow attackers to install malware without your knowledge, which would then allow them to spy on passwords, read your email, or even listen to your phone calls, the federal agency warned. Apple says it's aware of the issue and is working on a fix.
The flaw was first exposed by hackers trying to “jailbreak” the iPhone—that is, allow it to run programs not approved by Apple, the Guardian reports. The hackers released a fix on their site, jailbreakme.com, but it works only on "jailbroken" devices. “I think there's a good chance the security impact of these vulnerabilities will remain theoretical,” the site’s FAQ reads, but “until Apple releases an update, jailbreaking will ironically be the best way to remain secure.”