Apple Releases Firmware 3.0.1

Apple has released a new firmware upgrade to combat a sms bug that could leave your iphone vunerable for attack.

Read the following for further info:

Apple’s Info about 3.0.1 Upgrade

Summary
This document describes the security content of iPhone OS 3.0.1.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see “How to use the Apple Product Security PGP Key.

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see “Apple Security Updates.

Products Affected
iPhone, Product Security

iPhone OS 3.0.1
*CoreTelephony
CVE-ID: CVE-2009-2204

Available for: iPhone OS 1.0 through iPhone OS 3.0

Impact: Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution

Description: A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling. Credit to Charlie Miller of Independent Security Evaluators, and Collin Mulliner of Technical University Berlin for reporting this issue.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: