Macrumors is quoting Spiegel.dewww. as saying that both a new security flaw has been found in iPhone OS 2.1, and that a patch will be included in iPhone OS 2.2 due to drop… tomorrow?!
[A] newly announced iPhone vulnerability that can force a (potentially expensive) phone call to be made simply by visiting a webpage in Safari… SIT reports that they notified Apple of the issue a month ago and that a fix will become available on November 21st through a firmware upgrade.
We’ve already run down the other new features rumored to be included in 2.2, so now we just sit by iTunes, hit the Update button, and wait (unless you’ve jailbroken, then remember to steer clear!)
Last week the UK ruled that Apple was misrepresenting the iPhone’s provisioning of “just the internet” due to the lack of support for two ubiquitously popular 3rd party plugins: Flash and Java. We’ve previously covered the will they/won’t they drama surrounding development and deployment of Flash and Java pretty much ad nauseum infinitum, as well as some seldom discussed yet surprisingly frightening concerns about Flash and its downright sneaky use of 3rd party advertising cookies.
More recently, however, another issue has come to light. Primarily concerned with Windows Vista security and how it can be circumvented, this issue throws a renewed focus on the danger of 3rd party plugins like Flash and Java, on how they interpret and run code on our machines, and how they provide an increasingly popular attack vector for bad guys (hackers, malware authors, identity thieves, etc.)
How does this all relate to the iPhone, and what about ZOMG! Can has my Flash vidz? Read on to find out!
Read the rest of this entry »
