Security improvements punctuate iPhone 3.0

Under the hood, security gets a boost

In addition to the myriad functional changes offered in iPhone OS 3.0, many security improvements have also been made. Apple has outlined those changes in a lengthy technical note, which we've summarised here.

CoreGraphics gets six security improvements, running from PDF file management improvements to a change to FreeType, the font engine used in iPhone OS. Changes have been made to improve security when connecting to Exchange servers, as well as in ImageIO, international components for Unicode, IPSec and libxml.

Two security changes have been made to Mail — one adds a preference to turn off automatic loading of remote images, and another changes the behaviour of call approval dialogs — they no longer are dismissed arbitrary when other alerts appear.

The MPEG-4 video codec improves handling of files; configuration profiles are handled better; Safari's search history is now cleared when Safari's history is cleared via the Settings application; and a change has been made to the handling of ICMP echo request packets to prevent the device from being reset.

More than a dozen changes have also been made to WebKit, the engine used by Safari. Memory corruption issues, cross-site scripting problems, type conversion, JavaScript handling and other changes have been made, as well.

Apple indicates that information will be posted to its security updates web page, but as this article was posted those changes had not yet been pushed live.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Appleiphone 3.0Security ID

Show Comments