updated 08:50 pm EDT, Tue July 31, 2007
iPhone 1.01 firmware
Apple today released an iPhone firmware update via its iTunes software, which it says brings several bug fixes. Though the company did not specify the bug fixes or additional features, if any, the company has provided the update to all customers who sync their iPhone with iTunes, offering the ability to download the software or download and install the software. The update, only available via iTunes, takes several minutes and users are greeted with the standard white Apple logo and white progress bar on the iPhone as well as a progress bar on their desktop while the updated is being applied to the device. Apple's security website notes indicate that the update fixes a critical Safari bug that allowed malicious users to take control of an iPhone (updates for Mac OS X Tiger/Panther and Safari 3.03 beta for Windows are also available).
- Safari (CVE-ID: CVE-2007-2400):
Impact: Visiting a malicious website may allow cross-site scripting.
- Safari (CVE-ID: CVE-2007-3944)
Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution.
- WebCore (CVE-ID: CVE-2007-2401)
Impact: Visiting a malicious website may allow cross-site requests.
Description: An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could trigger a cross-site scripting issue. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.
- WebKit (CVE-ID: CVE-2007-3742)
Impact: Look-alike characters in a URL could be used to masquerade a website.
Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by through an improved domain name validity check.
- WebKit (CVE-ID: CVE-2007-2399)
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
Description: An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution. Credit to Rhys Kidd of Westnet for reporting this issue.