iPhone OS Update Boosts Smartphone Security

While Apple's handheld computer, the iPad, is grabbing lots of headlines, lets not forget about the iPhone, which just got a mobile operating system update. In iPhone OS 3.1.3 we see some smartphone security and bug fixes while the Apple faithful await for iPhone OS 3.2, expected in March.

Apple (NASDAQ: AAPL) on Tuesday issued a point update to its iPhone OS, making only a few fixes to the phone's software despite not having patched it in months. It's likely there won't be a major fix until the release of OS 3.2, which will likely coincide with the release of the iPad slated for later in March.

OS 3.1.3 fixes not only the iPhone but the iPod Touch as well. According to the release notes, there are four security vulnerabilities addressed in the update. One prevents buffer overflow from a maliciously crafted mp4 audio file, which may allow for arbitrary code execution.

A second fix covers maliciously-crafted TIFF images, which may also lead to an unexpected application termination or arbitrary code execution. The third fix covers memory corruption that could allow someone to bypass the passcode security measure on the phone.

Finally, a fix in the WebKit browser will prevent a maliciously-crafted FTP server from causing information disclosure from the device, unexpected mobile application termination, or execution of arbitrary code.

Read the full story at InternetNews.com:
Apple's iPhone OS Upgrade Has a Security Angle