As expected, the 2.0 version of iPhone released today includes a number of security updates, patching more than a dozen holes in the slimmed-down OS X operating system that powers the devices.
That means for those who already own Apple's mobile device, it's time to update.
As detailed in a column last week, a number of these patches are updates that Apple shipped earlier this year for Safari and/or the version of OS X designed for Mac desktop and laptop computers. iPhone 2.0 bundles some 13 security updates, five of which address previously undocumented security flaws.
Among the more notable (if not serious) patches: One fix for the gadget's Safari Web browser that was addressed by a number of other software makers (including Mozilla) back in June 2006. Another Safari update plugs a security hole that Apple sealed in its Microsoft Windows version of Safari last month. Another fix corrects a bug in the iPhone's innards that Apple said could allow remote attackers to reset a targeted iPhone by sending it a specially crafted packet. An exploit for this vulnerability has been available online since February.
The new software is available for iPhone 1.0 and iTouch 1.1 devices, through iTunes.
Read more ...
Brian Krebs on Computer Security. The Washington Post Company.
Saturday, July 12, 2008
Speeding In Maryland Could Be Hazardous to Your Identity
If you've ever received a traffic ticket in Maryland, your name, birthday, Social Security number and address may be posted on the Maryland state Web site for anyone to find, Security Fix has learned.
Reader Mark Webster from Annandale, Va., alerted me that the official Maryland court records Web site lists the personal data of countless citizens. The citations listed go back more than 30 years, and include records even for routine traffic stops that were ultimately dismissed.
The records with sensitive data in them appear to be limited to tickets issued to people who currently or at one time lived in a state that previously used the Social Security number as the default driver's license or customer number. [..]
Read more ...
Brian Krebs on Computer Security. The Washington Post Company.
Reader Mark Webster from Annandale, Va., alerted me that the official Maryland court records Web site lists the personal data of countless citizens. The citations listed go back more than 30 years, and include records even for routine traffic stops that were ultimately dismissed.
The records with sensitive data in them appear to be limited to tickets issued to people who currently or at one time lived in a state that previously used the Social Security number as the default driver's license or customer number. [..]
Read more ...
Brian Krebs on Computer Security. The Washington Post Company.
Subscribe to:
Posts (Atom)
![[JP]Sec.](http://1.bp.blogspot.com/_w3x0VP6CzIc/RspuVwtFd1I/AAAAAAAABiI/VukcTNUqa2Y/s1600/MSNLogo.png)
