![]() Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack With the help of Sergey Glazunov (working with Google's Pwnium contest), as well as Adam Barth and Abhishek Arya of the Google Chrome Security Team, Apple has patched both of these flaws as well. Apple credits David Vieira-Kurz of MajorSecurity () for discovering and reporting the issue.Īffecting the exact same platforms, multiple cross-site scripting issues and a memory corruption issue exist in WebKit, a software component required to display web pages in Safari. The problem is not present on Mac OS X systems. IOS 5.1.1 has improved URL handling which addresses this issue. Impacting iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, and iPad 2, a URL spoofing issue exists in Safari and can potentially be used to direct the user to a spoofed site. Lastly, the update includes several security patches targeting Safari, the standard web browser on all Apple platforms. The update addresses bugs that could prevent the new iPad from switching between 2G and 3G networks, and bugs that affected AirPlay video playback in some circumstances.Īn issue has been fixed where ‘Unable to purchase’ alert could be displayed after successful purchase. IOS 5.1.1 is immediately available for download via iTunes or over-the-air (OTA) and improves reliability of using HDR option for photos taken using the Lock Screen shortcut, as well as reliability when syncing Safari bookmarks and Reading List. Apple has rolled out a surprise update for iDevice owners with the purpose of tweaking a few things and applying fixes, including some to improve the security of the platform.
0 Comments
Leave a Reply. |