Security Improvements Punctuate IPhone 3.0

In addition to the myriad functional changes offered in iPhone OS 3.0, many security improvements have also been made. Apple has outlined those changes in a lengthy technical note, which we've summarized here.

CoreGraphics gets six security improvements, running from PDF file management improvements to a change to FreeType, the font engine used in iPhone OS. Changes have been made to improve security when connecting to Exchange servers, as well as in ImageIO, international components for Unicode, IPSec and libxml.

Two security changes have been made to Mail -- one adds a preference to turn off automatic loading of remote images, and another changes the behavior of call approval dialogs -- they no longer are dismissed arbitrary when other alerts appear.

The MPEG-4 video codec improves handling of files; configuration profiles are handled better; Safari's search history is now cleared when Safari's history is cleared via the Settings application; and a change has been made to the handling of ICMP echo request packets to prevent the device from being reset.

More than a dozen changes have also been made to WebKit, the engine used by Safari. Memory corruption issues, cross-site scripting problems, type conversion, JavaScript handling and other changes have been made, as well.

Apple indicates that information will be posted to its security updates Web page, but as this article was posted those changes had not yet been pushed live.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Best of PCWorld Newsletter