Your one-stop web resource providing safety and security information to manufacturers

Apple patched security vulnerabilities in iOS, including a bug used for the latest iPhone jailbreak tool, called Evasion.

Apple iOS 6.1.3 has patches for six vulnerabilities, including the screen lock bypass bug and a flaw in WebKit that can execute arbitrary code.

Apple Security Fixes in OS X
Apple Mends App Store Holes
One More iPhone Bug Found
Developer Site Zero Day Attack Source

The release of iOS 6.1.3 constitutes a major security update for iPhone, iPod and iPad users and it’s one most users should install as soon as they can. However, as a word of caution for those iPhone owners who have jailbroken their devices already: Installing the update will undo that process and prevent users from rolling back to the older, jailbroken state.

Perhaps the most serious vulnerability repaired in iOS 6.1.3 is the WebKit flaw, which an attacker could use for remote code execution.

Schneider Bold

“Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. An invalid cast issue existed in the handling of SVG files. This issue was addressed through improved type checking,” Apple said in its advisory.

In addition to that fix, Apple also included a patch for a known vulnerability in iOS that enables a user to bypass the PIN code lock to gain access to the device.

“A logic issue existed in the handling of emergency calls from the lock screen. This issue was addressed through improved lock state management,” Apple officials said.

Pin It on Pinterest

Share This