Interesting stuff right here… it appears as if Charlie Miller (winner of the Pwn2Own contest) has just tweeted that his Safari bug he discovered was not patched in Apple’s iOS 4.3.1 firmware update. However it was indeed patched by Apple in the last Mac OS X update, leaving people wondering why Apple would not patch the bug in the iOS firmware update released yesterday. What was Charlie Miller’s bug? Well he used a Safari exploit to access an iPhone 4’s (running the iOS 4.2.1 firmware) Address Book. Now as the iOS 4.3.x firmware introduced ASLR technology this exploit discovered by Charlie Miller does not function correctly (as he would need to bypass ASLR). However this still means the bug is just sitting their waiting for the next hacker to come along and simply bypass ASLR, and bang this vulnerability would be open once again.
My guess is that Apple did not see this as big as a threat for iOS users, but it still leaves my wondering why this bug was left open. It even makes my wonder if this bug will be used in jailbreaking the iOS 4.3.1 firmware untethered. As a few days ago Comex tweeted that his untethered jailbreak would most likely a userland jailbreak. Meaning that in order to jailbreak your iDevice there would need to be a bug somewhere in the userland level (aka the Pwn2Own bug… through Safari). Let me know your thoughts on this post in the comments section below!