iPhone OS 3.0 fixes 46 vulnerabilities
Apple has released version 3.0 of its iPhone mobile operating system. The update not only includes several new features, but also fixes 46 security vulnerabilities. Version 3.0 of the iPhone OS fixes 23 vulnerabilities in WebKit and Safari alone. According to Apple, many of the problems could have lead to the execution of arbitrary code when visiting a maliciously crafted website. Other vulnerabilities include unexpected application termination or arbitrary code execution when opening a maliciously crafted PDF document or image file and possible disclosure of sensitive information when connecting to a malicious Exchange server.
The update is available for all iPhones running version 1.0 to 2.2.1 of the iPhone OS and for iPod touch users running version 1.1 to 2.2.1. The 3.0 update for iPod touch users, however, is a £5.99 paid upgrade (iTunes Link). All users are advised to update.
See also:
- About the security content of iPhone OS 3.0 Software Update, security advisory from Apple.
(crve)