Technology news and Jobs 
Information Technology News Apple updates include security fixes
Information Technology News Apple updates include security fixes | Apple updates include security fixes |
|
| by Stephen Withers | |
| Thursday, 17 January 2008 | |
  
Featured Whitepaper
5 Best Practices for Smartphone Support
corrects four flaws that had been reported to the company involving the processing of various types of content. All could result in crashes or execution of arbitrary code, triggered by malicious content. The specific content types affected are Sorensen 3 video files and PICT images, while another two issues were corrected involving the processing of QuickTime movies generally. QuickTime 7.4 also delivers "numerous bug fixes", to borrow Apple's own phrase. Despite Apple's concentration on new functionality, the iPhone and iPod touch updates also include security fixes. Common to both devices are fixes for a memory corruption issue in Safari that could allow a maliciously crafted URL to crash the browser or execute arbitrary code, and a WebKit flaw that could be used in a cross-site scripting attack, possibly leading to the disclosure of sensitive data. The iPhone-specific fix corrects a situation where an attacker could bypass the phone's passcode lock to launch applications. The bug was in the way the iPhone (correctly) allows emergency calls to be made even when the handset is locked. iMovie 7.1.1 (which, somewhat confusingly is iMovie '08) improves the ability to publish movies to a .Mac web gallery, addresses unspecified minor issues, and generally improves the stability of the movie editing program. Front Row 2.1.2 is another bug fix release that provides better compatibility with iTunes for Apple's 'lean back' media player interface. |
Tags
| < Next story in category | Previous story in the category > |
|---|
