[ronnier]

I posted this on another thread...

I'd like to know how this works. Using this method, couldn't any site install arbitrary software on an iPhone through Safari without the user knowing? Or am I missing something?

[ryanpetrich]

Yes, it exploits a flaw in how the iPhone (and OS X presumably) handles PDF files to be able to run arbitrary code. I expect Apple will release an update that closes the hole.

[gizmomagico]

Well, does this mean that most iPhones out there are full of spyware then? And why not?

[DougBTX]

Presumably not yet. But the blueprints to own any iOS device via a remote web exploit just got put online, with thousands of links pointing to them.