To say the least, Apple has had a lot on its plate lately. The company and extended gadget community is still abuzz with news of the recently unveiled iPad 3, Apple TV and even an updated iTunes, announced last week. But alongside its newly revealed tech toys, Apple has of late delivered a one-two punch with a pair of monster updates that essentially give a security makeover to its Safari Web browser and iOS platforms.
On Monday Cupertino issued an update for its Web browser that patched a record 83 security vulnerabilities in its latest Safari 5.1.4--72 of which were for its troublesome WebKit, the framework used to render pages in its Web browser Safari, iOS and numerous other applications. The Safari 5 update, which outpaces Apple’s former record of a 62-patch update in March 2011 according to ComputerWorld, applies to Safari running on OS X Lion 10.7.3 and Snow Leopard 10.6.8, as well as Windows 7, Vista and XP and is available on the Software Update menu or download page.
Among the plethora of Safari patches was one that repaired a glitch enabling miscreants to redirect a user’s Safari browsing session to a spoofed or malicious Web page. The flaw allowed cyber criminals to use the International Domain Name (IDN) support in Safari to create a URL which contained look-alike characters that could be used to direct the user to a spoofed page appearing to be legitimate.
Apple also addressed an issue that allowed Web page visits to be recorded in browser history even when Private Browsing mode was activated and fixed a bug that caused the screen to dim when watching HTML5 movies.
Meanwhile, the vast majority of fixes were for WebKit, which plugged a slew of memory corruption holes that could lead to remote code execution, as well as information disclosure, cross-origin and cross site scripting attacks.
The major Safari patch complements another mega update when Apple plugged more than 80 security holes with the release of iOS 5.1 for the iPhone 3GS, 4 and 4S, as well as iPod touch, iPad and iPad 2 last week.
The new iOS 5.1 update, available for the iPhone, iPod, and iPad via automatic updates on the device or iTunes, addressed a multitude of security bugs, including major repairs for WebKit, Passcode Lock, Siri, Kernel and CFNetwork, among others.
Perhaps not surprising, the vast majority of the 5.1 update targeted flaws in WebKit. Known flaws included cross-origin issues, which allow attackers to drag and drop content or reveal cookies across origins as well as execute cross-site scripting attacks. The WebKit fixes also repaired memory corruption issues that could lead to arbitrary code execution or system crashes when a user visits a malicious Website.
Also included in the patch were fixes for Apple's (ahem) vociferous personal assistant program Siri, recently introduced on iOS devices. Specifically, the update addressed a design flaw in Siri's lock screen mechanism that would allow an attacker with physical access to the device to be able to access an e-mail message and forward it with a voice command to an arbitrary recipient if mail was open with a message selected behind the locked screen. The update fixed the issue by disabling the forwarding of active messages from the lock screen state, according to Apple.
Similarly, the patch also fixed a Passcode Lock race condition issue in the handling of the slide to dial gestures—the horizontal finger slide that allows a person to gain entry to their device-- which enabled an unauthorized person with physical access to an iOS device to be able to bypass the screen lock feature.
In addition, the patch included a fix for a major kernel glitch that could enable malicious programs to bypass sandbox restrictions, a function that essentially prevents or minimizes malware infection by isolating the other programs running on the device. However, a logic issue in the handling of debug system calls could enable a malicious program to circumvent the sandbox feature to run code in other programs with the same user privileges.
CFNetwork, a framework that provides a library of abstractions for network protocols, also received a bit of an overhaul when Apple fixed an issue in the handling of malformed URLs, which enabled sensitive information disclosure when users visited a malicious Website.
Meanwhile the iOS makeover was marred only slightly by news delivered via Twitter last week that Apple's Dev Team had updated its jailbreak tool to support a “tethered 5.1 jailbreak” just hours after the new iOS was released.