On TV.com: ANNA FARIS photos
BNET Business Network:
BNET
TechRepublic
ZDNet

July 31st, 2007

iPhone software update 1.0.1 released (updated)

Posted by Jason D. O'Grady @ 6:55 pm

Categories: Software, Software Update, iPhone, iPhone Diary

Tags: Software, Apple iPhone, Jason D. O'Grady

In Focus » See more posts on: iPhone

iPhone software update 1.0.1 released

Apple this evening released iPhone Software Update 1.0.1 (1C25, 7.1 MB). Just like Greg Jozwiak promised and just under the deadline set by a group who threatened to release their iPhone vulnerability at the Black Hat conference in Las Vegas.

The update (see gallery) is only available if you connect your iPhone to iTunes and click on the Check for Update button on the summary screen. No information has been published about what, if any, feature enhancements are included in the update. At the present time it appears that it’s just a security fix.

Update: Apple has posted a knowledge base article (#306173) describing the security content of iPhone v1.0.1 Update. The update fixes five vulnerabilities in the Safari Web browser on iPhone:

Safari
CVE-ID: CVE-2007-2400
Impact: Visiting a malicious website may allow cross-site scripting
Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of Adobe Systems, Inc.

Safari
CVE-ID: CVE-2007-3944
Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution
Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators

WebCore
CVE-ID: CVE-2007-2401
Impact: Visiting a malicious website may allow cross-site requests
Credit to Richard Moore of Westpoint Ltd.

WebKit
CVE-ID: CVE-2007-3742
Impact: Look-alike characters in a URL could be used to masquerade a website

WebKit
CVE-ID: CVE-2007-2399
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Credit to Rhys Kidd of Westnet for reporting this issue.

I have posted a gallery of the installation and update process of the first ever iPhone Software Update.

Jason D. O'GradyJason D. O'Grady is the editor of PowerPage.org, which has been publishing daily mobile technology news since December 1995. For disclosures on Jason's industry affiliations, click here or to view Jason's full profile click here.

Email Jason D. O'Grady

Subscribe to The Apple Core via Email alerts or RSS.

  • Talkback
  • Most Recent of 5 Talkback(s)
Message has been deleted.
(Read the rest)
Posted by: kevencage Posted on: 08/01/07  (Edited: 08/06/07 @ 10:00) You are currently: a Guest | | Terms of Use
Threatened?  massiv_design | 08/01/07
Exactly!!!  WhiteBoy99 | 08/01/07
You must be a believer now!  ShadeTree | 08/01/07
This is not news!  WhiteBoy99 | 08/01/07
Message has been deleted.  kevencage | 08/01/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and