Network News

X My Profile
View More Activity

A Baker's Dozen of Security Updates for iPhone 2.0

As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.

That means for those who already own Apple's mobile device, it's time to update.

As detailed in a column last week, a number of these patches are updates that Apple shipped earlier this year for Safari and/or the version of OS X designed for Mac desktop and laptop computers. iPhone 2.0 bundles some 13 security updates, five of which address previously undocumented security flaws.

Among the more notable (if not serious) patches: One fix for the gadget's Safari Web browser that was addressed by a number of other software makers (including Mozilla) back in June 2006. Another Safari update plugs a security hole that Apple sealed in its Microsoft Windows version of Safari last month. Another fix corrects a bug in the iPhone's innards that Apple said could allow remote attackers to reset a targeted iPhone by sending it a specially crafted packet. An exploit for this vulnerability has been available online since February.

The new software is available for iPhone 1.0 and iTouch 1.1 devices, through iTunes.

By Brian Krebs  |  July 11, 2008; 3:20 PM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Speeding In Maryland Could Be Hazardous to Your Identity
Next: Zone Alarm Update Fixes Microsoft Patch Problem


Brian - are you going to add the iPhone to your occasional review of software security update timeliness by Microsoft, Apple, and other companies? Or is the review restricted to PC software only?

Posted by: SSMD | July 11, 2008 3:48 PM | Report abuse

Hrm. Not sure, SSMD. But that's not a bad idea. Thanks!

Posted by: Bk | July 11, 2008 3:54 PM | Report abuse

Seems that the update servers are still down. iTunes keeps alternating between telling me v2.0 is available and that 1.1.4 is current for my iPod Touch.

Posted by: Darbish | July 11, 2008 4:01 PM | Report abuse

I downloaded and installed the update to my iPhone yesterday and today is smooth sailing.

Posted by: Don | July 11, 2008 4:26 PM | Report abuse

This isn't the best recommendation for people to do today, and possibly not tomorrow either. Yesterday of course this was fine to do.

There are untold numerous accounts of iPhones not being activated due to the overloaded Apple servers. Which means that the phone won't be a phone until that happens after it's been updated.

Of course if one has hours of spare time and is persistent enough about this, it might work today for them. But why do it when the rush is on ?

Posted by: Richard | July 11, 2008 8:02 PM | Report abuse

I upgraded my original iPhone yesterday without any problems.It did take some time to do so. I have purchased a couple of games that are very impressive.

Posted by: LarryG | July 13, 2008 5:57 PM | Report abuse

Let's see - Apple patch a vuln - CVE-2006-2783 - the rest of the community patched OVER two years ago?

Aren't they rushing things a bit? What's the hurry, Apple?

Posted by: Rick | July 18, 2008 7:41 PM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company