Apple issues security update for iPhone and Touch

February 3, 2010
by

Apple issues security update for iPhone and TouchApple has issued an update for the iPhone / Touch operating systems to close five security flaws, four of which were sufficiently serious that they would have allowed an exploiter to execute software on the target device.

The update is numbered 3.1.3 in both the iPhone and iPod Touch operating systems. Apple recommends that users update their devices immediately via iTunes.  The following excerpts from the Apple announcement point out the location and the causes causes of the problems that have been fixed  in the mobile operating systems with this update:

  • CoreAudio problem – Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution. This is a buffer overflow problem.
  • ImageIO problem – Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution This is a buffer underflow problem .
  • Recovery Mode problem -  A person with physical access to a locked device may be able to access the user’s data.  Due to a memory corruption issue in the handling of a certain USB control message, person with physical access to the device could bypass the passcode and access the user’s data.
  • WebKit problem 1 – Accessing a maliciously crafted FTP server could result in an unexpected application termination, information disclosure, or arbitrary code execution. This is a potential Website directory handling issue.
  • WebKit problem 2 – The Mail application may load remote audio and video content when remote image loading is disabled, thus producing undesired requests to remote servers.

The first four of these are the most severe, since they could allow a malicious exploiter to execute code on the target device, resulting in the theft, damage, or erasure of important user data. As noted above, when you synch via iTunes, the sync process will allow you to automatically install this security update on your iPhone or iPod touch.


Related posts:

  1. What’s new iOS 4.2.7, iOS 4.3.2
  2. Malicious website can lock up iPhone/iPod Touch and crash Safari
  3. MacWorld: iPod Touch 1.1.3 update includes new apps, for a price
  4. iPod touch owners avoiding iPhone OS 3.0 update
  5. New Verisign app offers better online security

Posted in Hacks, iPhone, iPod Touch | 3 Comments » Read more from

3 Responses to “Apple issues security update for iPhone and Touch”

  1. robert langdon:
    February 4th, 2010

    Hello there.
    Thanks for your kind information.
    I am using Iphone which has version 3.0.
    Should I have to update it to 3.1.3 for described security features? And can I get diect update file to update my version?

  2. r4 ds:
    February 9th, 2010

    Hello
    You have given good information about security for iPhone and this will be very useful for me.I will definitely update my device.Thank you very much for this helpful post.

  3. Jerald Bouthillette:
    November 3rd, 2010

    I love my Droid Incredible over the iPhone

Leave a Reply:


Recent stories

Featured resources

Featured stories

RSS Technology news

RSS Windows news

RSS Mac news

RSS Mobile technology news

RSS Green tech

RSS Buying guides

RSS Gaming news

RSS Photography news

Archives

Copyright © 2012 Blorge.com NS