toggle

AAPL Stock: 431.77 ( -0.23 )

http://www.macnn.com/articles/09/09/09/security.issues.fixed.in.latest.iphone.firmware/

iPhone OS 3.1 now available, fixes security vulnerabilities

updated 03:50 pm EDT, Wed September 9, 2009

 

Security issues fixed in latest iPhone firmware


The latest iPhone firmware, announced during Apple's music-themed media event, addresses a variety of security vulnerabilities. Previous releases had allowed unauthorized use of a device after a timeout period configured by an Exchange administrator. The system now disables any "Require Passcode" values greater than the maximum inactivity time lock setting, eliminating the time gap.

Another fix prevents Spotlight from accessing messages in a Mail folder after they have been deleted. The company has corrected a CoreAudio bug that allowed maliciously crafted AAC or MP3 files to execute arbitrary code.

Previous releases also allowed unauthorized users to bypass the passcode on a locked device and gain access to data, while a UIKit bug briefly showed password characters as they were deleted. The v3.1 firmware addresses several WebKit vulnerabilities, ranging from password disclosures to numeric character references.

The firmware update is available for the iPhone or iPod touch and can be downloaded through iTunes. iPhone owners can update for free, while the firmware costs $5 for the Touch.


by MacNN Staff

Post tools:

TAGS :

 iPhone, security, software, Apple

Related Articles

Recent Articles

toggle

Comments

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -4
    09/09, 04:40pm | report spam | Reply |

    WTF???

    The firmware update is available for the iPhone or iPod touch and can be downloaded through iTunes. iPhone owners can update for free, while the firmware costs $5 for the Touch.

    According to Macintouch, it's only $5 for those not already running v3.0 of the OS.

    And is it an OS or firmware? I wish they'd make up their mind.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -3
    09/09, 04:48pm | report spam | Reply |

    Oh

    And apparently Apple has decided to s**** over the early adopters. I guess the 3.1 update from 2.0 is only worth $5 now? Learn a lesson here. Don't rush out and update. Wait until Apple decides to drop the price.

  1. zz5555

    Fresh-Faced Recruit

    Joined: Feb 2007

    +1
    09/09, 04:54pm | report spam | Reply |

    Why not both?

    "And is it an OS or firmware? I wish they'd make up their mind. "

    No reason it can't be both. And, in this case, it is. The firmware I work on uses Linux as the OS. Apple just has their own OS that they use in their iPhone firmware.

  1. lamewing

    Dedicated MacNNer

    Joined: Aug 2004

    -2
    09/09, 05:15pm | report spam | (1 reply) Reply |

    I also was screwed

    Yep,
    I paid the $20.00 as well to go to the 3.0 version and now folks can go to 3.1 for $5.00. Where is my iTunes credit (or the equivilant) Apple?

    I have read this before that the Touch cannot get the update for free because of legal issues...YET Apple has never explained these "legal issues" ... we are just supposed to trust them...because they are nothing like MS.

    While my iPhone is nice as a smart phone, and I use it quite often, my music playback will be provided by a dedicated player...and it won't be this intentionally nerfed iPod Touch. I am so disappointed by this yearly update.

    I guess I will look at the Sony x-series or the Zune HD for music playback...and I shouldn't have to. I should be able to buy a Touch with the same features as the iPhone, sans the phone part.

    Boo Apple Boo.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    09/10, 12:02pm | report spam | Reply |

    Re: You shoud read more


    You claim that Apple has never disclosed why iPod Touch users pay for upgrades, yet with EVERY_SINGLE_RELEASE it has been thoroughly explained. It has to do with accounting. Apple counts all monies made from iPod Touches as a 1 time deal which requires that no new functionality be added without charging for it. All monies from iPhones are counted over a 2 year period, hence no upgrade cost.


    Um, Apple doesn't explain this. Others explain it. But it isn't like Apple has an asterisk on their sales page explaining this.

    But it doesn't explain two other things.

    One: Why is the price now $5? It was $10. Is the value added now different than the value added then?

    Two: Why don't owners have to pay for v3.1? v3.1 adds features that weren't there before (genius for apps). Or arent these additions worth anything?

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Logitech FabricSkin Keyboard Folio for iPad

Since the fourth-generation iPad didn't evolve much over its predecessor, the market for iPad accessories has remained somewhat static ...

Huawei Ascend Mate

The Huawei Ascend Mate is a phone that fits the screen-size gap between the 4 to 5-inch smartphone and the seven-inch or more tablet, ...

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

toggle

Most Commented

 

Popular News