Apple patch plugs iPhone, iPod Touch holes

Apple issued a patch on Tuesday for the iPhone and iPod Touch that plugs five holes, including several that could allow an attacker to take control of the device remotely.

Three of the vulnerabilities could allow someone to run code remotely, if an iPhone or iPod Touch user opened malicious audio or image files, or accessed a malicious FTP (File Transfer Protocol) server, Apple said.

Another vulnerability could allow someone with physical access to one of the devices to bypass the passcode on a locked device and access the data.

The patch affects iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod Touch. More information is on the Apple security Web page.

[anulsinn]

Does Steve Jobs call it buggy?

[bananaphonerules]

To be fair; its not a buggy product at all.
Its just a reminder that limited attacks does not equate to secure

[Seaspray0]

None of the major antivirus software makers has a version that runs on a smart phone. Maybe they should consider it.

[solitare_pax]

Good point - but realistically, could an antivirus program fit in the memory space of today's smart phones to guard against every malware attack in the book?

A simpler solution would be for the cellphone provider to run a periodic background scan of the phone and its records to make sure it wasn't hacked into.

[bananaphonerules]

Windows Mobile has a few AV products out there...and has for years.
But who cares right?

[Seaspray0]

@solitair pax. against every malware attack in the book? Of course not! How about against every malware attack specific to smartphones? That would shorten the list considerably, wouldn't it?

[ckrajani]

I dont know why we need another software to protect one software. This should be Apple's headache to keep the OS uptodate with the virus information so that there are less attacks...

[ikramerica--2008]

Well, there's that old joke:

Patient: Doctor, it hurst when I do this. What should I do?
Doctor: Don't do that...

This is the basis of a social engineering attack (these are generally social engineering attacks, though sometimes it's not you who is the idiot, but one of your friends who sends you something after they were an idiot).

The one that is the most troubling to me is the bypass the password hack, though from what I understand, anyone who wants to break into the phone with physical access, can do so, but the random thief won't now how to do that right away, long enough for me to remote wipe it.

[Mr. Dee]

Can this work with jail broken iPhones? My brother has one, but I am not gonna let him update until I know.

[stickfu]

If you mean will I be able to apply this update and have the phone still jail broken then the answer is no. You can install this update but say good bye to all the jail break features, tell your brother to wait until 3.1.3 is cracked.

[HevenStawking]

"The patch affects iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod Touch."

Technically, Elinor, the patch is for OS 3.1.2. After patching, it is OS 3.1.3.

We wouldn't want to confuse the cerebrally challenged, now would we?

Just sayin`......

[Whoshebooboo]

Product for pirates - iPatch

[Stormspace]

Are they charging iPod users for this one? How are they going to make their books look OK? :/

[ikramerica--2008]

FAIL

[losingmysenses]

it also un jailbreaks your device

[0v3rki11]

Personally I think that Apple releases these patches with the claims that they will help prevent users from these so called malicious attacks in order to un-jailbreak iPhones.

Has anyone seen any of these so called exploits proven in practice?

And further more I agree with prior comments that most of these attacks, if they exist, still rely on the stupidity of the user. If you just go and download or click on every file/link you get sent, then it's your own fault for being victimized.

Common sense is not common, and (insert deity of your choice) knows that if everyone were a tech expert I'd be out of a job. Exploits and stupidity keep me in business.

[Yelonde]

This is a security update. I doubt they will charge for this one.

[Yelonde]

This is a security update. I doubt they will charge for this one.

[Yelonde]

Woops, double post...

[Amaseng]

Or they could just release 4.0 and give us multiasking

Oh wait, then i would have to pay $10 for having an iPod Touch.

[Amaseng]

Or they could just release 4.0 and give us multiasking

Oh wait, then i would have to pay $10 for having an iPod Touch.

[FirewaveZ]

ugh...

I dont even know why I bother updating my ipod. Every single time Apple releases an update, it screws up my ipod, itunes or something else. This time, I got an error 6 when updating the software, and then I got the same error when it tried to restore the device. Now the thing wont even turn on, and windows doesnt even try to detect it.

Now I remember why I used to hate Apple products... Then again... I get reminded everytime Apple releases an update...

[deniceels]

Don't worry, I just got my 4th replacement iPod Touch in 2 years (my 5th set). You pain is understandable.

[FirewaveZ]

ugh...

I dont even know why I bother updating my ipod. Every single time Apple releases an update, it screws up my ipod, itunes or something else. This time, I got an error 6 when updating the software, and then I got the same error when it tried to restore the device. Now the thing wont even turn on, and windows doesnt even try to detect it.

Now I remember why I used to hate Apple products... Then again... I get reminded everytime Apple releases an update...

[FirewaveZ]

ugh...

I dont even know why I bother updating my ipod. Every single time Apple releases an update, it screws up my ipod, itunes or something else. This time, I got an error 6 when updating the software, and then I got the same error when it tried to restore the device. Now the thing wont even turn on, and windows doesnt even try to detect it.

Now I remember why I used to hate Apple products... Then again... I get reminded everytime Apple releases an update...

[TetherRdie]

SO .....will BLACKRA1N work with 3.1.3 for tethering on AT&T?

[EvanSei]

ya know if everyone would stop looking at pornography on their iPods and iPhones there would be a lot less viruses on the devise :) Anti virus would be nice though, I don't trust apple.

[youngstarr69]

Wait.. its an apple product, arent they supposedly immune to any kind of viruses or vulnerabilities? I All the mac fanboys i know would swear that apple products could never be affected by any malware... Am i missing something?

[Yelonde]

Nobody said they were immune. Apple products are simply not targets for hackers.

[vmlenigma]

If you have a Jailbroken Iphone DO NOT update your Device!