At the moment, there's a security bug that affects all iOS 4 devices and the iPad that allows hackers to gain total control over your device. It's a lot like the Mobile Safari one-click jailbreak we posted about yesterday, only a lot less friendly. The device owner just has to visit a web page and load a PDF.
How does it work? A user visits a web page via Safari, which automatically loads a PDF file. This PDF file contains a font, which someone may have embedded with a viral program. So, when the device tries to display the PDF document, the font causes stack overflow, and the viral program in the font gains control of your iPhone or iPad.
And by control, we mean complete control. The application can install programs, wipe your entire phone, steal all of your information--the sky's the limit.
So what's the lesson? Don't download PDF files! Unless they come from sources you totally trust, of course. If your phone is jailbroken, you can also install a program called "PDF loading warner" from Cydia. It doesn't solve the security breach, but it will warn you every time your phone is trying to load a PDF file.
Via Gizmodo
