jailbreak-ipad-5-0-1

Apple iOS 6.0.1 Fixes Security Flaws

Flaws in the iOS kernel, WebKit and Passbook addressed

On by Thomas Brewster 0

Apple has released iOS 6.0.1 which fixes a host of security vulnerabilities from the initial release of iOS 6.

There were four flaws that required patching, one of which is an issue in the iOS kernel, which could have allowed “maliciously crafted or compromised iOS applications” to determine addresses in the kernel, Apple noted in its advisory.

Two of the issues were resident in WebKit, the basis of the Safari browser in iOS, which opened up users to remote code execution if they visited a maliciously crafted website.

iOS 6.0.1 released

Pinkie Pie, the sole winner of Google’s Pwnium 2 contest in October, discovered one of those flaws, whilst the other was found by Joost Pol and Daan Keuper of Certified Secure working with the HP Zero Day Initiative.

There was also a Passcode bypass flaw, which could have allowed hackers to gain access to the Passbook app, which lets users store passes for things such as flights or cinema tickets. The vulnerability would have let a determined cyber crook break into the app even when a device is locked.

“We recommend updating your software as soon as possible, as both updates contain critical vulnerabilities that allow an attacker to take control of your systems,” said Wolfgang Kandek, CTO of Qualys.

As these updates highlight, iOS is far from 100 percent secure. When iOS 6 was first released, it fixed 197 flaws.

Are you a security guru? Try our quiz!

Thomas Brewster
Author: Thomas Brewster
Security Correspondent, TechWeekEurope
Thomas Brewster Thomas Brewster Thomas Brewster

White Papers

Techweekeurope for mobile devices
Android-App Google Currents App for iOS

Last comment




0 replies to Apple iOS 6.0.1 Fixes Security Flaws

Leave a Reply

  • Required fields are marked *,
    Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>