Slightly more than one month after releasing its much-hyped combination phone, called iPhone, Apple Inc. on Wednesday released the first security update for this revolutionary handset, and also issued 25 fixes for Mac OS X and the Safari 3.03 browser beta.
The three batches of software updates, iPhone v1.0.1 Update, Safari 3 Beta Update 3.0.3 and Security Update 2007-007 for update for Mac OS X, released more than a week after a security firm called Independent Security Experts (ISE) claimed they have found the first exploitable vulnerability in Apple's iPhone, a flaw that allows them to steal any data from the device or even to turn it into a remote surveillance tool.
Charles Miller, Jake Honoroff and Joshua Mason, researchers from Baltimore-based security firm notified Apple of the vulnerability and gave the company less than two weeks to fix the bug.
The updates and fixes for its popular iPhone are only available through iTunes and are not made available in a Macintosh Software Update application or in the Apple Downloads site, due to safety concerns. To install the patch, users must have an Internet connection and the latest version of iTunes.
The patches for Mac OS X operating system and the Safari 3.03 browser beta are available through Software Update preferences, or from Apple Downloads.
"The updates will not appear in your computer's Software Update application, or in the Apple Downloads site. When the iPhone is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting "don't install" will present the option the next time you connect your iPhone," the Cupertino, California-based iPod/Mac maker mentioned on its Website.
Apple has released five fixes bundled inside iPhone v1.0.1 Update for iPhone, an all-in-one cell phone/iPod/pocket computer which struck the market shelves in America on June, 29. The update addresses two flaws in the Safari browser, two more in Webkit, and one in Webcore.
The 2007-007 update for Mac OS X 10.3, also known as "Panther," and 10.4, better known as "Tiger," contains 25 fixes that address issues related to networking and audio functions, Kerberos security and vulnerabilities in PHP and Tomcat, in addition to several Web-based cross-site scripting and remote code execution flaws.
For the Safari 3 beta, Apple has issued four fixes, two of which are the same fix as found in the iPhone while the other patches fix flaws related to Java applets and Windows XP.
According to a source, Apple wanted to provide the fixes to users ahead of BlackHat conference on Thursday, where researchers were due to present information about the vulnerabilities.
Post new comment