Got an iPhone or an iPod Touch? If so, it’s time to connect them to iTunes to get the latest version of Apple’s operating system for these devices. This latest version, dubbed 3.1.3, addresses a number of issues including the following:
CoreAudio
Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution
ImageIO
Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Recovery Mode
A person with physical access to a locked device may be able to access the user’s data
WebKit
Accessing a maliciously crafted FTP server could result in an unexpected application termination, information disclosure, or arbitrary code execution
WebKit
When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. This may result in
undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read.
The update also offers the requisite “stability and usability enhancements.” Confused? Don’t worry, just update and things will be fine. Although, if you’re worried, you could wait a couple days to see if this latest update breaks something else, which sometimes happens. For more on this update, visit Apple’s Security Update site.
