iOS update for iPhone and iPad blocks fake certificates - The H Security: News and Features

iOS update for iPhone and iPad blocks fake certificates

h-online.com | Apr 15th 2011 10:49 AM

The iOS 4.3.2 software update for the iPhone, iPad and iPod Touch has been released and among its security updates is the addition to a blacklist of the fraudulent SSL certificates which were issued after an attacker compromised the Comodo SSL Certification Authority. A the end of March, browser makers began blocking the fake certificates for the login.live.com, mail.google.com, www.google.com, login.yahoo.com, login.skype.com and addons.mozilla.org domains.

A bug in Quicklook, found by Charlie Miller and Dion Blazakis, which allowed arbitrary code to be executed on viewing a maliciously crafted Microsoft Office file has been fixed. In Webkit, an integer overflow when handling nodesets, found by Vincenzo Iozzo, Willem Pinckaers, Ralf-Philipp Weinmann and others, and a use after free issue in the handling of text nodes, discovered by Vupen and Martin Barbella, were also fixed. These issues had been reported through Tipping Point's ZeroDay Initiative. Finally, a fix to a libxslt bug reported by the Google Chrome Security Team, stops maliciously crafted web sites attempting to bypass ASLR protection.

The update also fixes non-security bugs which caused blank or frozen video in Facetime and a problem which prevented some international users from connecting to 3G networks on the iPad. Apple has also released iOS 4.2.7 which offers the same security fixes for the Verizon CDMA version of the iPhone 4. Users can update their iOS-based mobile devices using the latest version of iTunes.

Original Page: http://www.h-online.com/security/news/item/iOS-update-for-iPhone-and-iPad-blocks-fake-certificates-1228442.html

Shared from Read It Later

Elyssa Durant, Ed.M.

United States of America

Comments

  1. Nice overview!!
    Wow These are very cool Ipad accesories .Looking for More cool and stylish ipad accessories Check this one iPhone 4 covers

    ReplyDelete

Post a Comment