At this point, you've probably read there are vulnerabilities in Apple's iOS that allow drive-by jailbreaks. And you also know that those vulnerabilities can be used for other drive-by exploits such as malicious attacks.

Edited to add: Due to a communication error between our labs, we incorrectly stated that the exploit PDF files, mentioned below, crash Adobe Reader. This is not the case. Our apologies for the error.

The iOS drive-by jailbreak available at jailbreakme.com (see yesterday's post) utilizes a PDF exploit. The PDF files, 20 of them, for various combinations of hardware/firmware, are located in a subdirectory off the root of the website.

There are numerous reports that JailbreakMe 2.0 has been released with support for iOS 4. All that's needed to jailbreak an iPhone, iPod or iPad is to visit http://www.jailbreakme.com and then to engage the drive-by script.

This follows last week's news that jailbreaking is legal in the USA.

Anti-Malware Testing Standards Organization (AMTSO), which F-Secure is a member of, had a meeting in Helsinki in May. During that meeting AMTSO members approved two new guidelines to be published.

F-Secure Labs is launching a new feature in Browsing Protection today.

Web security has become increasingly important over the last few years and we've already developed various protection mechanisms to keep our customers safe against exploits, phishing attacks, and drive-by-downloads. However, there's still more we can do against one of the most sinister of attacks.

The Fbi released its Internet Crime Complaint Center (IC3) 2009 report. The organization maintains that cyberfraud losses reported to them doubled year over year.

Executive Summary

Gozi is a well known Trojan that has been around for a number of years now.

Quick note: we're still occasionally getting reports of DNSChanger trojan variants altering the DNS information on both the infected system and on certain ADSL modems. It's an old, unsophisticated problem, but more awareness of it can't hurt.

There are a couple twists on the basic strategy — the trojan may modify the modem's settings to use a rogue DNS server (that serves tainted information) or it can install a DHCP driver on the modem. Either way, it redirects users to a malicious site doing drive-by downloads.

Yesterday a new vulnerability was announced in Microsoft Office Web Components and as with all new exploits that can be used in drive-by downloads we tried it with F-Secure ISTP and ExploitShield. Yet again ExploitShield protected the user without the need for any updates.

So Firefox 3.5 is available and it has quickly become a hot download item, with almost 24 million downloads worldwide so far. The browser itself is touted as faster, safer and just better — but that's no reason not to be cautious.