Miller also speculated that Apple would quickly patch the vulnerabilities, perhaps even faster than last year when it faced a similar situation. In August 2010, Apple patched a pair of bugs used by JailbreakMe 2.0 just 10 days after the tool's release.
News of JailbreakMe 3.0's impending release had leaked several days before Wednesday's official launch, noted Miller, and should have given Apple even more warning.
Yesterday's BSI alert was similar to one it issued last August after JailbreakMe 2.0 appeared.
On Thursday, Apple said it would fix the flaws.
"We're aware of this reported issue and developing a fix that will be available to customers in an upcoming software update," an Apple spokesman told the IDG News Service today.
Last year, Apple patched the Jailbreak 2.0 bugs six days after saying it was working on a fix.
Ironically, a patch is available, but only to those who have hacked their iPhone, iPad or iPod Touch with JailbreakMe 3.0. The fix, dubbed "PDF Patcher 2," can be downloaded by jailbroken devices from the Cydia app store.
The BSI was especially concerned that the vulnerability would be exploited by hackers to target specific individuals. Because iOS devices are often used by senior management, the agency warned, "It is possible that the weaknesses can be exploited for targeted attacks on leaders to get to confidential company information."
Often labeled, "spear phishing," such targeted attacks have become extremely effective for cyber criminals, who have used the tactic to infiltrate major corporations, including Google, and make off with proprietary data by the gigabyte, or have been aimed at senior officials in the U.S. government and the International Monetary Fund.
Read more about security in Computerworld's Security Topic Center.