There are now 197 new reasons for iPhone, iPod Touch, and iPad users to upgrade to iOS 6, with Apple closing the same number of vulnerabilities in its mobile operating system.
The company released its security bulletin for the new version of iOS today, revealing what security flaws have existed in previous versions.
Vulnerabilities include three different ways of completely bypassing iOS' passcode lock, and at least 10 different ways of running arbitrary code. The latter types of vulnerabilities are what enable users to jailbreak their devices.
Some of the vulnerabilities are quirks in iOS' design, such as what happens when an iPhone connects to a Wi-Fi network. iOS in this case broadcasts the last networks it has accessed, even if the device is on an unencrypted Wi-Fi network that anyone can listen in on. Another example is that text messages received in iOS trust that the return address of the message was the sender, even though this information can be spoofed. As a result, text messages can be made to appear from anyone who an attacker chooses.
Of the 197 vulnerabilities, 142 are related to WebKit. Apple only recently patched 163 vulnerabilities in its latest release of iTunes, and the majority of those were also related to WebKit. Just as Google found more bugs in WebKit than Apple's own team, Google is responsible for finding 52 of the vulnerabilities that were closed in iOS 6, while Apple found 24.