Apple iPhone OS 3.0 Software Closes 46 Security Holes

According to a document posted yesterday on Apple's website, the latest iPhone OS 3.0 Software Update has managed to close a total of 46 documented vulnerabilities in one swoop.

Apple says that it does not disclose, discuss or confirm security issues for the protection of its customers "until a full investigation has occurred and necessary patches are available". The vulnerabilities affect all versions of iPhone and iPod Touch.

Around half of the security vulnerabilities concern Safari and Webkit which are essential for internet access. One concerns the prospect of remote code execution that can take place simply if a user visit a compromised website or views a booby-trapped picture.

Six security fixes target the iPhone's CoreGraphics with changes to the PDF file management as well as FreeType v2.3.8, the font engine used by the iPhone OS.

Other security fixes relate to ICMP echo requests, JavaScript, page transitions, color strings, cross-site scripting, memory corruption, HTMLSelectElement objects, SVG images, random number generation, XMLHttpRequest headers, CSS elements, document transformations, and Location or History objects.

and join more than 1550 other followers.