Apple iOS 7.1 patches 41 vulnerabilities

Dozens of fixes address many serious bugs, courtesy of Google, jailbreakers and others.
Written by Larry Seltzer, Contributor

iOS 7.1, released today, fixes 41 vulnerabilities in the most recent version of the operating system.

The Webkit browser engine used by the Safari browser accounts for 19 of the vulnerabilities, and nine of these were reported to Apple by the Google Chrome Security Team. Any of the 19 could be used by a remote attacker to take user control of the device. Combined with a privilege escalation exploit, the user could take administrative control. (There are no such vulnerabilities in this set, but there have been many over the years.)

An especially interesting vulnerability is in dyld, OS X's dynamic linker/loader. The impact is "Text relocation instructions in dynamic libraries may be loaded by dyld without code signature validation. This issue was addressed by ignoring text relocation instructions." Normally bypassing code signing would be considered a very significant bug, but if the solution is to ignore the problem then perhaps it's not.

Even more interesting, Apple credits "evad3rs" for this vulnerability. They are likely referring to the purveyors of jailbreaks for iOS. Apple credits evad3rs with a total of four vulnerabilities, including one which could allow arbitrary code execution in the kernel, the stuff of which jailbreaks are made. [UPDATE: Previously the"evad3rs" link went to a different site which claimed to have an iOS 7,1 jailbreak. The site appears not to be a "legit" evad3rs site.]

It's not uncommon for Apple to patch vulnerabilities which were disclosed long ago. Several of the Webkit vulnerabilities date to last fall, but one (CVE-2012-2088), was reported in June, 2012. Apple patched it in OS X in March of 2013.

Editorial standards