Apple Shuts Security Holes

Friday, March 9, 2012 @ 04:03 PM gHale

Apple released iOS 5.1 for a boatload of products like the iPhone 3GS, 4 and 4S, the 3rd generation iPod touch, and iPad and iPad 2.

The update includes fixes for 91 issues with CVE identifiers. The majority, 66 of the issues, ended up being “unexpected application termination or arbitrary code execution” in WebKit due to memory corruption. Apple or members of the Google Chrome Security Team found most of the flaws, while Chrome special reward winner miaubiz found others.

The fixes take care of two screen lock bypass issues: a race condition with slide-to-dial gestures that could bypass the passcode lock, discovered by Roland Kohler of the German Federal Ministry of Economics and Technology, and an uncredited discovery that Siri’s lock screen could forward messages to an arbitrary user.

Another error, which allowed a malicious program to bypass the sandbox by exploiting an error in the handling of debug calls, is also now fixed. Credit for the discovery went to the “2012 iOS Jailbreak Dream Team”. The company also fixed a flaw in Private Browsing in Safari that recorded JavaScript pushState and replaceState methods in browser history.

Other flaws fixed include information disclosure in CFNetwork with maliciously crafted URLs, an integer underflow when mounting disk images, an integer underflow when processing DNS records, and cross-origin issues with cookies and content which could enable cross-site scripting attacks.

iOS 5 devices have automatic update support, and the update should be available “over-the-air” or via iTunes. Users who wish to force the update can open the Settings app, select General and then Software Update, ensuring the device has a full charge or is on charge.
