Apple provides 197 security reasons to upgrade to iOS 6

Summary:Now that iOS 6 is available, Apple has revealed what security vulnerabilities exist and have been patched in its latest mobile OS.

There are now 197 new reasons for iPhone, iPod Touch, and iPad users to upgrade to iOS 6, with Apple closing the same number of vulnerabilities in its mobile operating system.

The company released its security bulletin for the new version of iOS today, revealing what security flaws have existed in previous versions.

Vulnerabilities include three different ways of completely bypassing iOS' passcode lock, and at least 10 different ways of running arbitrary code. The latter types of vulnerabilities are what enable users to jailbreak their devices.

Some of the vulnerabilities are quirks in iOS' design, such as what happens when an iPhone connects to a Wi-Fi network. iOS in this case broadcasts the last networks it has accessed, even if the device is on an unencrypted Wi-Fi network that anyone can listen in on. Another example is that text messages received in iOS trust that the return address of the message was the sender, even though this information can be spoofed. As a result, text messages can be made to appear from anyone who an attacker chooses.

Of the 197 vulnerabilities, 142 are related to WebKit. Apple only recently patched 163 vulnerabilities in its latest release of iTunes, and the majority of those were also related to WebKit. Just as Google found more bugs in WebKit than Apple's own team, Google is responsible for finding 52 of the vulnerabilities that were closed in iOS 6, while Apple found 24.

Topics: Security, Apple, Google, iOS, iPad, iPhone, Tablets

About

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.