In addition to adding features like Street View on Google Maps and performance improvements that could reduce the number of dropped calls, the latest software update for the iPhone released on Friday also plugs holes that could expose data on locked phones.
The update plugs a hole that lets someone with physical access to a passcode-locked device to launch applications without knowing the passcode. The hole was discovered in August.
Also fixed is a weakness that displays incoming SMS messages if the device is set to emergency call mode. This problem was discovered last month by a privacy conscious 12-year-old boy who uses his iPhone mostly to text with his girlfriend, according to his father.
Another fix prevents someone from making arbitrary phone calls by using the emergency call setting. Before the update, a person who got ahold of someone else's iPhone could make long-distance calls that are then charged to the device's owner. The update restricts the emergency calls to a limited set of numbers.
The update also fixes vulnerabilities that could lead to malicious code attacks from viewing malicious Web sites, Excel files, or TIFF images. It also fixes holes that could lower the encryption settings for point-to-point tunneling protocol-based VPN (virtual private network) connections and initiate phone calls when visiting a malicious Web site.