Apple releases iPhone update 1.1.1

Apple on Thursday released the much-anticipated software update for the iPhone. In addition to the iTunes Wi-Fi Store, the update also adds several new features to the iPhone.

New for the iPhone with software update 1.1.1 is loud speaker and receiver volume; Home button double-click shortcut to phone favorites or music controls; Space bar double-tap shortcut to intelligently insert period and space; Mail attachments are now viewable in portrait and landscape modes; Stocks and cities can be reordered; Apple Bluetooth Headset battery status is now in the Status Bar; support has been added for TV Out; Preference to turn EDGE/GPRS off when roaming internationally has been added; Passcode lock time intervals; and adjustable volume alerts.

Security updates

Feature updates are not the only focus of the update for the iPhone, Apple also addressed several security issues, as well. Three components of the iPhone — Safari, Mail and Bluetooth — have received updates to tighten security.

Safari

The application that received the most updates was Safari, with seven issues being fixed. In one issue, a hacker could obtain the URL of an unrelated page by enticing the user to visit a maliciously crafted web page. Another maliciously crafted web page bug that allowed cross site scripting was also fixed.

Apple also fixed an issue where hackers had the ability to dial phone numbers without user confirmation.

If you turned off JavaScript on your iPhone, it would not actually be turned off until Safari restarted, which for some could be quite a while. That preference is now implemented immediately. Another JavaScript related bug was fixed that allowed Websites to access or manipulate the contents of documents served over HTTPS.

Bluetooth

An input validation issue in the iPhone’s Bluetooth server could allow a hacker within range to trigger the flaw causing unexpected application termination or arbitrary code execution. With the update installed, additional validation of SDP packets is performed, fixing the issue.

Mail

The iPhone’s Mail application was updated to fix a couple of issues. The first involves checking email over untrusted networks — according to Apple, this may lead to information disclosure via a man-in-the-middle attack. An attacker capable of intercepting the connection may be able to impersonate the user’s mail server and obtain the user’s email credentials or other sensitive information.

Like the flaw in Safari, a Mail issue was fixed where a link in Mail could dial a phone number without confirmation.

The 152MB update is available from iTunes. When your iPhone is plugged in, click check for update.

Update: Added information about the security issues that have been fixed in the update. 2:49 pm ET.

recommended for you

Inside iPhone 1.1.1

Read more »

Subscribe to the iOS Tips & Trends Newsletter

Comments