Apple releases iOS 5.1.1; addresses three Safari vulnerabilities

Summary:In addition convenience fixes, iOS 5.1.1 patches three critical vulnerabilities in Safari that can spoof the address in the location bar, execute arbitrary code and XSS attacks.

Apple releases iOS 5.1.1 - Jason O'Grady

Apple today released iOS 5.1.1 (build 9B206, 54.4 MB) for iPhone, iPad and iPod touch. According to the release notes iOS 5.1.1 addresses the following:

  • Improves reliability of using HDR option for photos taken using the Lock Screen shortcut
  • Addresses bugs that could prevent the new iPad from switching between 2G and 3G networks
  • Fixes bugs that affected AirPlay video playback in some circumstances
  • Improved reliability for syncing Safari bookmarks and Reading List
  • Fixes an issue where ‘Unable to purchase’ alert could be displayed after successful purchase

Perhaps more importantly, iOS 5.1.1 also contains a number of security fixes according to Apple knowledgebase article HT5278, including Safari vulnerabilities that allow maliciously crafted websites to be able to spoof the address in the location bar, execute cross-site scripting attacks and cause unexpected application termination or arbitrary code execution.

The update is being pushed out to devices Over-The-Air (OTA), but iOS 5.1 users can also download it immediately by touching Settings > General > Software Update. You can also install iOS 5.1.1 by plugging your device into iTunes and clicking on Update.

Further reading:

Topics: Mobile OS, Apple, Hardware, iPad, Mobility

About

Jason D. O'Grady developed an affinity for Apple computers after using the original Lisa, and this affinity turned into a bona-fide obsession when he got the original 128 KB Macintosh in 1984. He started writing one of the first Web sites about Apple (O'Grady's PowerPage) in 1995 and is considered to be one of the fathers of blogging.... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.