Apple has just pushed out iOS 4.3.5/4.2.10 (CDMA Verizon iPhone 4), only 10 days after patching “Comex”s JailbreakMe 3.0 vulnerability with iOS 4.3.4. The update is to apparently address a security issue with certificate validation, and no other information seems to be presently available.
iOS 4.3.5 Software Update
Fixes a security vulnerability with certificate validation.
Note to jailbreakers: Do not update until the Dev-Teams have figured out a jailbreaking solution, as once you upgrade you will lose your jailbreak and unlock. Also, don’t forget to back up your SHSH blobs! [TinyUmbrella]
Direct download links for iOS 4.3.5/4.2.10:
- Warning Jailbreak/Unlock Users: Do Not Update To iOS 4.3.5/4.2.10 Firmware
- Jailbreak iOS 4.3.5/4.2.10 With RedSn0w [Tethered]
- Apple has released a support document detailing the issue that has been patched in iOS 4.3.5/4.2.10.
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
- How To: Jailbreak iOS 4.3.5 With RedSn0w 0.9.8b4 On iPhone 4/3GS
- How To: Jailbreak iOS 4.3.5 With RedSn0w 0.9.8b4 On iPad (First-Generation)
- How To: Jailbreak iOS 4.3.5 With RedSn0w 0.9.8b4 On iPod Touch 4G/3G