The update does NOT provide any additional enhancements to the operating system. It is recommended for anyone whom has NOT Jailbroken their iPad who wishes to seal the security hole in the OS.
The update is NOT recommended for anyone that has a Jailbroken iPad and wishes for it to remain Jailbroken. Again, this update should not be applied if you enjoy the benefits of a Jailbroken iPad and is willing to risk any unknown risks that the unsealed exploits may present. To date their are no known malicious exploits of the patched holes in the pre-3.2.2 versions of the iPad OS.
IF YOU APPLY THIS TO A JAILBROKEN IPAD, THE JAILBREAK PROCESS WILL BE REVERSED INDISCRIMINATELY.
The truth of the matter is the Jailbreak process is NOT illegal and therefore can be applied; however, the exploits by which the Jailbreak processes are made possible are in Apple's best interest to be sealed. Apple had to squash the talk that its OS is unsafe as soon as possible The truth is that nothing man made will ever be perfect. Additionally, any thing man "made" can be man "unmade". There are other exploits in the OS which the Jailbreak community will uncover to allow 3.2.2 to be Jailbroken as well.
Both sides are good for each other. Apple creates an OS that is a great tool and the Jailbreak community strives to make it even better though their innovated and progressive developments. Apple uses them for innovation that allows their OS to get better and better; which helps to sell more devices. The Jailbreak community uses the ever increasing OS and popular devices to innovate and improve the capabilities.
Here is the post from Apple's site at http://support.apple.com/kb/HT4292
This document describes the security content of the iOS 3.2.2 Update for iPad, which can be downloaded and installed using iTunes.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see "Apple Security Updates".
Products Affected
Product Security, iPad
iOS 3.2.2 Update for iPad
FreeType
CVE-ID: CVE-2010-1797
Available for: iOS 3.2 and 3.2.1 for iPad
Impact: Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution
Description: A stack buffer overflow exists in FreeType's handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.
IOSurface
CVE-ID: CVE-2010-2973
Available for: iOS 3.2 and 3.2.1 for iPad
Impact: Malicious code running as the user may gain system privileges
Description: An integer overflow exists in the handling of IOSurface properties, which may allow malicious code running as the user to gain system privileges. This issue is addressed through improved bounds checking.
IF YOU APPLY THIS TO A JAILBROKEN IPAD, THE JAILBREAK PROCESS WILL BE REVERSED INDISCRIMINATELY. Only iPad OS 3.2.1 and below can be Jailbroken.
For more information about the Jailbreakme.com process, please visit http://www.jailbreakme.com/faq.html
Thanks,
Carl W. Brooks
iAmThereforeiPad, Founder and Chief Editor
iPad News, Reviews and How-To-Dos.
We help make your iPad experience Magical through information!
http://www.iamthereforeipad.com
No comments:
Post a Comment