iPhone firmware 1.1.2 thwarts TIFF exploit

iPhone firmware 1.1.2 thwarts TIFF exploit

Summary: Apple has release iPhone firmware 1.1.2 in an attempt to close the TIFF exploit which could be used to jailbreak and hack iPhones running firmware 1.

SHARE:
26

Apple has release iPhone firmware 1.1.2 in an attempt to close the TIFF exploit which could be used to jailbreak and hack iPhones running firmware 1.1.1. The TIFF exploit is best implemented at JailbreakMe.com which allows you to jailbreak and hack an iPhone or iPod touch, add Installer.app, fix YouTube, then repair Safari's TIFF exploit hole so that the exploit loophole is closed–right from the device itself.

Has anyone discovered any new features in 1.1.2 other than fixing the TIFF exploit hole?

Topics: iPhone, Apple, Mobility, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

26 comments
Log in or register to join the discussion
  • I Don't Expect New Features

    It may be too early to figure the numbering scheme, but it looks to me as though a
    change in the z of a version x.y.z number means "security" changes. A change in the y
    may suggest new features (or feed to another commerce opportunity button).
    DannyO_0x98
    • What update?

      My system reports the current 1.1.1 is current. No updates available.

      I've seen no other mention anyplace else, yet.

      Anxiously awaiting . . . <smile>

      Jon
      serenitylodge@...
  • Gotta love the spin

    The Tiff exploit is a security hole and a security risk, but the spin of the article? Apple
    closed the exploit to shut down those who would unlock the phone. Again. Hilarious.
    frgough
    • Ah but is it a possible "security" problem that needs

      to be addressed? If not I'll give it to you but if so Apple is in a no win
      situation. If they leave it alone then people will start screaming about
      how insecure the iPhone is if they plug it people will scream that Apple
      is thwarting their desires. Can't win for loosing.....

      Paggan jim
      Laff
      • I would think this is a no brainer

        In security speak this exploit would be described as follows:

        A vulnerability in iPhone that allows a maliciously crafted TIFF file to execute arbitrary
        code.

        Just because someone used it to install useful apps doesn't mean it's not an exploit.
        frgough
  • RE: iPhone firmware 1.1.2 thwarts TIFF exploit

    Released? I haven't seen it, iTunes says 1.1.1 is the
    current version.
    rsbell
  • Where's the OS X patch?

    If the flaw is in a library in both, as it probably is, I expect more patches.
    rpmyers1
  • Big Bother Strikes Again!!

    We Know whats best for you. WE own the hardware YOU paid for!!
    JustAnAboveAverageJoe
    • It's a difficult balancing act....

      Being closed means you can customize the user experience and
      Apple has become known for it's user experience in a generally
      positve way. So does Apple take the chance of loosing it's rep to
      allow the iPhone to be more "OPEN"? Might that not kill the goose
      that laid the golden egg for Apple and make Apple well like everyone
      else? Being open in many ways means one is open to a host of
      problems. Besides you have every right to say "That's not for me and
      buy from a more open supplier"

      Pagan jim
      Laff
    • If this were phrased professionally

      Would you be as quick to judge? Here's how Secunia would write it:

      Patches a vulnerability that allows a maliciously crafted TIFF file to execute arbitrary
      code.

      Comes across a bit differently now, doesn't it?
      frgough
      • If it was then we would be debating the security

        aspect of OSX and how the tiff would be delivered? If it was vulnerable to drive byes? Things of that nature. But I think we both know that this is relay about revenue!
        JustAnAboveAverageJoe
        • Drive byes are only one aspect of security..Peope are

          another and far more dangerous in their own way. Sure people can get something
          that they think they want and purposely install it but does that make the iPhone more
          safe or less so? People have a way of not knowing what they are doing and malware
          writters have a way of sneaking into code things that are NOT wanted. So in the end
          this vulnerability might not be drive bye vulnerable but still if the security community
          casts it as a vulnerability then Apple is to be held responsible for it's continued
          existance.

          Pagan jim
          Laff
  • No balancing act what so ever!

    It's all about revenue. If you leave AT&T Apple does not get the approx $800.00 for the contract life time, and possibly more beyond. The user experience for the person who is Lawfully (See DCMA Exception) unlocking his phone is impacted negatively by having to play Cat and Mouse with Apple to maintain his freedom. We all know that apple is making money just off the sale of the Iphone so it is not like they are subsidizing it through the AT&T contract. The AT&T contract is just Icing on the Cake that they obviously are refusing to give up. This is nothing more than Apple protecting Revenue at the expense of their Tech Savvy customers! This is just Jobs talking out of both sides of his face. Music DRM BAD, Apple Lockin Good!!
    JustAnAboveAverageJoe
    • So do your busniess elswhere.......

      "IF" enough people agree with you Apple will change it's policy. (It's been done
      before) but if people like you are not a large enough market for Apple to notice so be
      it I'm sure you'll find others willing to take your money. If you want to play HACKER
      with the iPhone go right ahead and have fun being the dark thorn in Apple's side or
      imagine yourself being such even if Apple does not care all that much. You do have
      choices several in fact.

      Pagan jim
      Laff
      • I do for that very reason, and I dont want to be a

        HACKER. I belive Apple should give the consumer a choice, it's not like they are selling these things at loss or subsidizing them through the AT&T revenue. They don't mind opening up their hardware to Windows why would they mind unlooking the Iphone? Revenue loss thats why! Plain and simple!!
        JustAnAboveAverageJoe
        • Apple does give the consumer a choice.

          You can buy their products, or not.
          msalzberg
        • The Mac can run Windows but OSX is NOT open to Windows

          Big difference there.....

          Paggan jim
          Laff
    • Cat and (Dumb) Mouse game?

      I keep seeing the allusion to a "cat and mouse" game, including in this posting. I don't think the metaphor exactly applies.

      In the case of the iPhone, the mouse need only stop eating cheese provided by the cat. I.e. don't upgrade your iPhone. It's not as if the installer runs covertly and without your knowledge; you (alleged mouse) must actively choose to install the update. When Apple says "here is an update. If you install it, it will break your hacks and return control of the phone to Apple", only an idiot installs the update and then is shocked tha the hacks are disabled and Apple controls the phone again.

      The cat's game is nothing more insidious than to laod the cheese in the trap. Perhaps the mice should just switch to free-range cheese?
      TuCats
      • LOL, Free range cheese, I like that! Was that a

        referance to Googles Open Handset Alliance? I rather have a Iphone that does what I want as opposed to what Apple wants. Thats Just me. I wonder if there will be a Google Iphone?
        JustAnAboveAverageJoe
        • And that is FINE!!!

          But why do you complain about Apple and the iPhone? It's like swimming in shark
          infested waters and eventually getting bitten. Then you spend the rest of your life
          blanking about sharks. A shark is a shark.....Apple is Apple. Note not saying Apple
          is shark like.....heh heh he

          Pagan jim
          Laff