Security news18 June 2009
Apple update fixes 46 iPhone security holes, but iPod Touch owners have to pay iPhone and iPod Touch users urged to update to version 3.0 to ensure internet browsing security
IT security and control firm Sophos is urging iPhone and iPod Touch users to upgrade their devices with the latest version of Apple's eagerly awaited operating system - not just for the enhanced usability features, but because the update fixes more than 40 security vulnerabilities.
Existing iPhone users can update their operating system for free via iTunes to version 3.0, and take advantage of a number of longed-for new features such as cut-and-paste, spotlight search and a landscape virtual keyboard. However, Sophos experts note that Apple has also included a number of important security patches inside the update, making it crucial for both sets of users to patch as quickly as possible. Sophos warns that the iPod Touch customers are required to pay $9.95 for the privilege.
According to an advisory on Apple's website, iPhone OS 3.0 patches 46 vulnerabilities, including some that could potentially allow hackers to run malicious code on a user's iPhone or iPod Touch if they visited a booby-trapped website or viewed a specially-crafted image file.
"If left unpatched, hackers could run malware on your iPhone just by you visiting a website or viewing a maliciously-crafted image," explained Graham Cluley, senior technology consultant at Sophos. "Although we haven't come across any examples of hackers creating malware to exploit these vulnerabilities as yet, it is vital that iPhone and iPod Touch users understand the importance of this latest update. Without it, they are leaving themselves potentially wide open to attack - it pays to remember that no operating system is invincible."
"There's no doubt that some iPod Touch users will be unhappy that they have to pay for their devices to be fixed, and it's certainly unusual for a company to charge for important security patches like this," continued Cluley on his blog. "In an ideal world Apple would make free fixes available for iPod Touch users who don't feel they need cut-and-paste and other new features, but do want to be able to use the internet securely."
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
