February 6, 2010
This past week Apple released a security update to the iPhone and iPod operating systems. This release addresses some key security weaknesses in the way the iPhone and iPod processe mp4 audio files, maliciously crafted TIFF images, a problem in how FTP sites are navigated from the device, and a memory corruption issue which permits someone to bypass the device password when connected via the iPhone/iPod USB cable interface. These problems pose the risk of malicious attacks on user data via the devices. Details are avaialable from Apple.
The Information Security Office recommendation is to update your device to OS 3.1.3 as soon as possible. The user must connect to iTunes to complete the updates.
Note that we recommend user first update to the latest version of iTunes (9.0.3) before connecting the iPhone/iPod to update the device through iTunes.
Posted by Thomas Siu at 06:49 AM