Rumour has it Apple will release iOS 4.3.1 in the next few weeks to close security holes, including the one in Safari mobile Web browser that allowed Charlie Miller to crack the iPhone during the recent Pwn2Own hacking contest.
At the same time the rumour made the rounds, Apple released OS X 10.6.7, which fixed another Safari vulnerability Miller had found for the Safari browser, but had not demonstrated at the contest.
“OS X 10.6.7 is out, fixes our Pwn2Own bug, but bug is still in latest iOS for a while longer, nice patch coordination,” Miller wrote on Twitter on late yesterday.
This update is especially important for owners of the new MacBook Pro systems because it fixes the graphics bug that caused hangs and crashes under heavy graphics load, Apple said. This update “improves graphics stability and external display compatibility” in the new systems, added the firm.
The minor update for the iPhone and iPad’s operating system will arrive in one or two weeks, according to Boy Genius Report, a site that focuses on communications and consumer electronics, yesterday. The update will contain “minor bug fixes,” as well address Miller’s Safari mobile Web browser flaw and the iPad2’s jailbreak vulnerability, the site said.
Charlie Miller and Dion Blazakis, researchers from Baltimore-based Independent Security Evaluators, exploited Apple’s Safari mobile browser on an iPhone with a drive-by-exploit at CanSecWest’s Pwn2Own hacking contest on 10 March. The hacked phone was running iOS 4.2.1, but Miller had said the flaw still existed in iOS 4.3, which had been released just the day before.
Under contest rules, HP TippingPoint, the contest’s sponsor, shared the details of the exploit with Apple, and it is reportedly fixed in 4.3.1.
Along with Baseband updates for the iPhone 3GS and the iPad, this new release will also fix the bug with memory hanging and being corrupted when reading large files from the USIM filesystem, the NTLM authentication problems in apps and on websites (associated with the challenge-and-response protocol for logging onto Microsoft accounts), and the issue of Springboard and third-party apps not recognising the gyroscope on the iPad2, BGR said.
BGR’s wireless carrier sources have been fairly accurate in forecasting iOS updates in the past. The site was only off by a day when it predicted the iOS 4.3’s early release earlier this month, although the exact release date for the iOS fix remains unclear.
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…