Apple’s iOS 7 Update Fixes 80 Security Bugs

Yesterday’s iOS 7 update brought a slew of bug fixes, 80 in total, to Apple devices.

We are one day in and Apple’s sleek new mobile operating system, iOS 7, has been dissected to death – the colors, the similarities to Android’s OS, the amount of time it took some users to download the update from Apple’s servers. Those talking points aside, the update also brought a slew of bug fixes, 80 in total, to devices that should appease Apple users with security concerns.

The update fixes a handful of issues, most of which could lead to a denial of service attack or trigger unexpected application termination or arbitrary code execution on devices like an iPad, iPod Touch or iPhone running an out-of-date OS.

Among the bigger fixes are two for passcode bypass flaws: one (CVE-2013-0957) that could have allowed an attacker to break an app in the third-party sandbox and determine the user’s passcode, and a second (CVE-2013-5147) that exploited the way the iPhone handled calls to bypass the screen lock in iOS 6.1.

Another similar data privacy bug could have allowed an attacker to intercept user credentials by compromising a TrustWave certificate (CVE-2012-5134). TrustWave issued and subsequently revoked the faulty sub-CA certificate.

Four Safari bugs were also addressed in yesterday’s update, including a problem where the browser’s history was still visible even after it was cleared, a memory corruption issue in the way the browser handled XML files, and a cross-site scripting flaw on sites that allow users to upload files.

The oldest bug in the batch appears to be a kernel issue from 2011, discovered by Marc Heuse, wherein an attacker could have sent specially crafted IPv6 packets to an iPhone 4 and caused a high CPU load. While the bug is known as CVE-2011-2391 in the Common Vulnerabilities and Exposures database, the CVE entry warns that the attached date does not necessarily reflect when the vulnerability was discovered.

Several vulnerabilities from 2012 are also addressed in the update, all of which involve fixing arbitrary code execution bugs in the libxml and libxslt libraries.

While not discussed in the update notes, iOS 7 also fixes a previously disclosed “USB charger” bug, which surfaced in August and allowed hackers complete access to devices via a modded charger. Apple spokesman Tom Neumayr confirmed last month that iOS 7 would give users the choice of whether or not to trust the computer their device has been connected to.

Those interested in the full rundown of security fixes can head to Apple’s Mailing Lists email, posted yesterday.
