Apple has released information on the security updates that were covered in the recent release of iOS 5.1.1. When it was originally released yesterday, all that we knew was that there were various bug fixes. This update actually covers some important security fixes too for Mobile Safari and WebKit based browsers in general.
- Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2. Impact: A maliciously crafted website may be able to spoof the address in the location bar.
- Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2. Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack. Description: Multiple cross-site scripting issues existed in WebKit.
- Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Description: A memory corruption issue existed in WebKit.
If you do a lot of web surfing on your iOS device it is definitely worthwhile upgrading to iOS 5.1.1 just for these security updates. Of course if you are running a jailbroken device you will want to still clear for now.
Given that, with iOS 5, Apple introduced over-the-air (OTA) updates to the iPhone, iPod touch, and iPad, it's interesting that they're still waiting and bundling security patches into larger software updates. OTA updates are done via bit-differential (delta file), and happen on-device and without the need to backup, re-install, and restore, so they're small and incredibly efficient. Apple could choose to push out security updates far more frequently. It's possible they think more frequent updates could annoy users, or their numbers tell them too many users are still updating over USB with iTunes for it to make sense right now. Hopefully, however, they're moving in that direction.
If you haven't yet updated to iOS 5.1.1 and you're looking f, here’s where to go:
- How to update your iPhone, iPod touch, or iPad over-the-air using iCloud
- How to update your iPhone, iPod touch, or iPad using iTunes on Mac or Windows
- iOS 5 help and discussion forum
