May 8, H Security – (International) iOS 5.1.1 closes iPhone holes. Apple released an iOS 5.1.1 update that closes four security holes in the iPhone and iPad operating system. Among the flaws is a WebKit problem that could allow a maliciously crafted Web site to crash applications or execute arbitrary code to take control of the device. The memory corruption flaw, discovered by the Google Chrome Security Team, affects iPhone 3GS, iPhone 4 and 4s, third generation, and later iPod Touch and the iPad and iPad 2. Another pair of flaws, one of which was used in Google’s Pwnium contest, allowed the staging of a cross-site scripting attack. The final flaw was a URL spoofing problem that allowed illegitimate domains to visually appear in the address bar as legitimate sites.
Source: http://www.h-online.com/security/news/item/iOS-5-1-1-closes-iPhone-holes-1569932.html
