IT security and control firm Sophos is urging iPhone and iPod
Touch users to upgrade their devices with the latest version of
Apple's eagerly awaited operating system - not just for the
enhanced usability features, but because the update fixes more than
40 security vulnerabilities.
Existing iPhone users can update their operating system for free
via iTunes to version 3.0, and take advantage of a number of
longed-for new features such as cut-and-paste, spotlight search and
a landscape virtual keyboard. However, Sophos experts note that
Apple has also included a number of important security patches
inside the update, making it crucial for both sets of users to
patch as quickly as possible. Sophos warns that the iPod Touch
customers are required to pay $9.95 for the privilege.
According to an advisory on
Apple's website, iPhone OS 3.0 patches 46 vulnerabilities,
including some that could potentially allow hackers to run
malicious code on a user's iPhone or iPod Touch if they visited a
booby-trapped website or viewed a specially-crafted image file.
"If left unpatched, hackers could run malware on your iPhone
just by you visiting a website or viewing a maliciously-crafted
image," explained Graham Cluley, senior
technology consultant at Sophos. "Although we haven't come across
any examples of hackers creating malware to exploit these
vulnerabilities as yet, it is vital that iPhone and iPod Touch
users understand the importance of this latest update. Without it,
they are leaving themselves potentially wide open to attack - it
pays to remember that no operating system is invincible."
"There's no doubt that some iPod Touch users will be unhappy
that they have to pay for their devices to be fixed, and it's
certainly unusual for a company to charge for important security
patches like this," continued Cluley on his blog. "In an
ideal world Apple would make free fixes available for iPod Touch
users who don't feel they need cut-and-paste and other new
features, but do want to be able to use the internet securely."
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.