Apple quietly plugged nearly four dozen security holes when it pushed out an upgrade to iPhone OS 3.0 on June 17.
With iPhone OS 3.0, users are getting fixes for several critical flaws, a number of which could be exploited by an attacker to execute arbitrary code. The WebKit and CoreGraphics components were the most vulnerable with 21 and eight vulnerabilities, respectively.
Apple’s advisory on the issues can be found here.
The Apple iPhone OS 3.0 contains more than 100 new features, some of which were aimed squarely at enterprises. In March, Apple gave about 50,000 individuals who paid to be part of the company’s developer program access to both the updated SDK (software development kit) and the beta version of the operating system as part of an effort to bring more secure business functionality to the iPhone.
The popularity of the iPhone and other smartphones has brought about an increased interest in properly securing and managing the devices. Along those lines, the Center for Internet Security just released a benchmark with advice on using the iPhone securely.
“Phones are small and relatively cheap, and fashionable, so many companies still don’t realize-or don’t want to acknowledge-that they can be as serious in terms of breach effects as a laptop or desktop PC,” Gartner analyst John Girard said.