Security improvements punctuate iPhone 3.0

In addition to the myriad functional changes offered in iPhone OS 3.0, many security improvements have also been made. Apple has outlined those changes in a lengthy technical note, which we’ve summarized here.

CoreGraphics gets six security improvements, running from PDF file management improvements to a change to FreeType, the font engine used in iPhone OS. Changes have been made to improve security when connecting to Exchange servers, as well as in ImageIO, international components for Unicode, IPSec and libxml.

Two security changes have been made to Mail — one adds a preference to turn off automatic loading of remote images, and another changes the behavior of call approval dialogs — they no longer are dismissed arbitrary when other alerts appear.

The MPEG-4 video codec improves handling of files; configuration profiles are handled better; Safari’s search history is now cleared when Safari’s history is cleared via the Settings application; and a change has been made to the handling of ICMP echo request packets to prevent the device from being reset.

More than a dozen changes have also been made to WebKit, the engine used by Safari. Memory corruption issues, cross-site scripting problems, type conversion, JavaScript handling and other changes have been made, as well.

Apple has posted the complete information to its security updates Web page.

(Editor's note: A link was added to the security updates Web page that details information about iPhone OS 3.0.)

Shop Tech Products at Amazon