Apple released three batches of software updates and fixes for its iPhone, Mac OS X operating system and the Safari 3.03 browser beta, media reported Thursday.
The iPhone fixes address a pair of Safari-related vulnerabilities that came up almost immediately after the phone's release.
This is Apple's seventh security update this year. The bundled patches address approximately 45 vulnerabilities.
The iPhone 1.0.1 update came in just under the wire and beat the Aug. 2 deadline set by the Independent Security Evaluators (ISE), which found the vulnerability.
Researchers Charles Miller, Jake Honoroff and Joshua Mason set the clock ticking when they notified Apple of the flaw and gave the company two weeks to fix the problem before a planned presentation at the annual Black Hat conference in Las Vegas.
Users who visit a maliciously crafted Web page could open themselves to an exploit through which a criminal could gain access to SMS (short message service) messages, the address book, call history and voice mail data. iPhone wasn't the only Apple product that needed some patching.
Apple also issued 25 fixes for Mac OS X 10.3.9 and 10.4.10, addressing networking and audio functions, Kerberos security and vulnerabilities in PHP and Tomcat, plus numerous Web-based cross-site scripting and remote code execution vulnerabilities.
For the Safari 3 beta, Apple issued four fixes, two of which are the same fix as found in the iPhone. Another patch fixes a flaw that prevents Java applets from loading should the user have Java disabled. Finally, there is a Windows XP fix that handles buffer overflows when adding a new URL to the favorites list.
To install the patch, iPhone users will need an Internet connection and the latest version of iTunes, Apple said. When the iPhone is connected to the computer, iTunes will give the user the option to install the update.
Those who select "don't install" will have the option to get the update the next time the phone is connected, but Apple cautioned iPhone users not to wait. Source:Xinhua/agencies
The World of Harry Potter
No comments:
Post a Comment