Apple has released patches for several flaws in its iPhone operating system, the most serious of which could allow an attacker to take control of a device.
The security holes can be found in all iPhone OS versions from 1.0 to 3.01. In addition, many of the flaws affect iPhone OS for iPod Touch versions 1.1 to 3.0.
The company detailed the 10 vulnerabilities in an advisory on Wednesday.
One major vulnerability leaves unpatched iPhones at risk of a denial-of-service attack, or of allowing an intruder to run code on the handsets, Apple said. The flaw lies in how WebKit, the open-source web-browser rendering engine in the OS, handles numeric character references.
The memory corruption hole means that if a user visits a malicious website, a hacker could force applications to close, or take control of the device.
iPhone users are also in danger from phishing attacks, Apple warned, as the WebKit engine has a flaw in how it handles characters. Hackers could use the International Domain Name (IDN) support and Unicode fonts embedded in Apple's Safari web browser to create a URL which contains lookalike characters.
The spoofed URL could be used in a malicious website to redirect users to a faked site that looks legitimate, Apple warned.
WebKit also contains a hole which could lead to a successful cross-site scripting attack — again leaving iPhone users open to phishing — and a flaw that could expose usernames and passwords.
Vulnerabilities also exist in Exchange Support, CoreAudio, MobileMail, Recovery Mode, Telephony and UIKit, according to the advisory. The security update is the second in recent months for the iPhone, which Apple said suffered from an SMS flaw in July.
In addition, Apple has patched four serious flaws in its QuickTime multimedia platform, all of which could let a hacker to take control of a device. In an advisory on Wednesday, the company said the flaws could be used to launch memory corruption and buffer-overflow-based attacks.
The iPhone OS flaws are fixed in version 3.1, which is now available. Apple has a policy of automatically updating iPhone OS to the latest version. The QuickTime vulnerabilities are patched in version 7.6.4, also available now.
ZDNet UK sister publication CNET News.com reported on Wednesday that the iPhone OS 3.1 update was reversing jailbroken iPhones. Some users have chosen to 'jailbreak', or hack, their iPhone to be able to run non-Apple approved applications and to access the file system.