If you have an Apple device that is capable of running iOS 6, you might have resisted upgrading it after hearing people complain about Apple’s new mapping application.
But now is the time to grab it for security reasons: iOS 6 patched a whopping 197 CVE-numbered vulnerabilities in 41 system components, broken down as follows:
- 6 security bypasses
- 1 denial of service (DoS) problem
- 1 privilege escalation
- 15 data leakage issues
- 11 remote code execution (RCE) holes
- 7 spoofing flaws
Now, with the release of iOS 6.0.1, there are four more reasons to get onto iOS 6 if you’re still one of the holdouts.
Bugs fixed include:
- A kernel data leakage issue, by means of which the kernel could be persuaded to reveal information about which code was at what address. This might not sound like much, but it subverts Address Space Layout Randomisation (ASLR).
- A Passcode bypass, potentially allowing your Passbook application to be accessed even after you locked your device.
- Two RCE flaws in WebKit, the core of any web browsing app on any iDevice.
This update also contains the following improvements and bug fixes, including:
- Fixes a bug that prevents iPhone 5 from installing software updates wirelessly over the air
- Fixes a bug where horizontal lines may be displayed across the keyboard
- Fixes an issue that could cause camera flash to not go off
- Improves reliability of iPhone 5 and iPod touch (5th generation) when connected to encrypted WPA2 Wi-Fi networks
- Resolves an issue that prevents iPhone from using the cellular network in some instances
- Consolidated the Use Cellular Data switch for iTunes Match
- Fixes a Passcode Lock bug which sometimes allowed access to Passbook pass details from lock screen
- Fixes a bug affecting Exchange meetings
- The update is available from iTunes or OTA.