iPhone Software/Firmware Update 1.1.1 released: New features, security changes, update warning

Apple has released the iPhone Software/Firmware Update 1.1.1 through iTunes (use the “Check for Updates” button).

A warning accompanying the update reads:

“If you have modified your iPhone’s software, applying this software update may result in your iPhone becoming permanently inoperable. Making unauthorized modifications to the software on your iPhone violates the iPhone software license agreement, and the inability to use your iPhone due to unauthorized software modifications is not covered under your iPhone’s warranty.”

So if you have put third-party applications on your iPhone, restore it before applying this update by clicking the “Restore” button in iTunes. If you have unlocked your iPhone for use on a carrier other than AT&T, do not apply this update until further notice.

Listed new features in this 152.3MB update include:

• iTunes Wi-Fi music store
• Louder speakerphone and receiver volume
• Home button double-click shortcut to phone favorites or music controls
• Space bar double-tap shortcut to intelligently insert period and space
• Mail attachments are viewable in portrait and landscape
• Stocks and cities in Stocks and Weather can be re-ordered
• Apple Bluetooth Headset battery status in the Status Bar
• Support for TV Out
• Preference to turn off EDGE/GPRS when roaming internationally
• New passcode lock time intervals
• Adjustable alert volume

Undocumented features There are also few new features that Apple didn’t mention:

• There is now the ability to change your voicemail password directly from the iPhone. Tap “Settings,” then “Phone,” then “Change Voicemail Password.”
• You can now change the sound that is played when a new text message is received. Tap “Settings,” then “Sounds,” then “New Text Message.”
• There is now a “Debug console” for Safari, which shows HTML errors when rendering Web pages. Tap “Settings,” then “Safari,” then “Developer”
• There are new options for Video playback. You can start playing videos where they left off or from the beginning, and you can use closed captioning. Tap “Settings,” then “iPod.”

UPDATE: Apple has posted a video of the new features included in the iPhone 1.1.1 update.

Third-party native applications When your iPhone is restored to accept the version 1.1.1 software/firmware update, all third-party native applications (see our guide) will be deleted.

Also note that the current release of AppTapp (Installer.app) will not work with the new firmware/software release until a revised version is issued. As such, you will not be able to immediately, easily jailbreak your iPhone and install third-party applications after applying firmware/software update 1.1.1.

Security fixes Version 1.1.1 of the iPhone software/firmware also includes several security refinements:

• Bluetooth
• An attacker within Bluetooth range may be able to cause an unexpected application termination or arbitrary code execution. “An input validation issue exists in the iPhone’s Bluetooth server. By sending maliciously-crafted Service Discovery Protocol (SDP) packets to an iPhone with Bluetooth enabled, an attacker may trigger the issue, which may lead to unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of SDP packets.”
• Mail
• Checking email over untrusted networks may lead to information disclosure via a man-in-the-middle attack “When Mail is configured to use SSL for incoming and outgoing connections, it does not warn the user when the identity of the mail server has changed or cannot be trusted. An attacker capable of intercepting the connection may be able to impersonate the user’s mail server and obtain the user’s email credentials or other sensitive information. This update addresses the issue by properly warning when the identity of the remote mail server has changed.”
• Following a telephone (”tel:”) link in Mail will dial a phone number without confirmation “Mail supports telephone (”tel:”) links to dial phone numbers. By enticing a user to follow a telephone link in a mail message, an attacker can cause iPhone to place a call without user confirmation. This update addresses the issue by providing a confirmation window before dialing a phone number via a telephone link in Mail.”
• Safari
• Visiting a malicious website may lead to the disclosure of URL contents “A design issue in Safari allows a web page to read the URL that is currently being viewed in its parent window. By enticing a user to visit a maliciously crafted web page, an attacker may be able to obtain the URL of an unrelated page. This update addresses the issue through an improved cross-domain security check.”
• Visiting a malicious website may lead to unintended dialing or dialing a different number than expected “Safari supports telephone (”tel:”) links to dial phone numbers. When a telephone link is selected, Safari will confirm that the number should be dialed. A maliciously crafted telephone link may cause a different number to be displayed during confirmation than the one actually dialed. Exiting Safari during the confirmation process may result in unintentional confirmation. This update addresses the issue by properly displaying the number that will be dialed, and requiring confirmation for telephone links.”
• Visiting a malicious website may lead to cross-site scripting “A cross-site scripting vulnerability exists in Safari that allows malicious websites to set JavaScript window properties of websites served from a different domain. By enticing a user to visit a maliciously crafted website, an attacker can trigger the issue, resulting in getting or setting the window status and location of pages served from other websites. This update addresses the issue by providing improved access controls on these properties.”
• Disabling JavaScript does not take effect until Safari is restarted “Safari can be configured to enable or disable JavaScript. This preference does not take effect until the next time Safari is restarted. This usually occurs when the iPhone is restarted. This may mislead users into believing that JavaScript is disabled when it is not. This update addresses the issue by applying the new preference prior to loading new web pages.”
• Visiting a malicious website may result in cross-site scripting “A cross-site scripting issue in Safari allows a maliciously crafted website to bypass the same-origin policy using ‘frame’ tags. By enticing a user to visit a maliciously crafted web page, an attacker can trigger the issue, which may lead to the execution of JavaScript in the context of another site. This update addresses the issue by disallowing JavaScript as an “iframe” source, and limiting JavaScript in frame tags to the same access as the site from which it was served.”
• Visiting a malicious website may result in cross-site scripting “A cross-site scripting issue in Safari allows JavaScript events to be associated with the wrong frame. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of another site. This update addresses the issue by associating JavaScript events to the correct source frame.”
• JavaScript on websites may access or manipulate the contents of documents served over HTTPS “An issue in Safari allows content served over HTTP to alter or access content served over HTTPS in the same domain. By enticing a user to visit a maliciously crafted web page, an attacker may cause the execution of JavaScript in the context of HTTPS web pages in that domain. This update addresses the issue by limiting access between JavaScript executing in HTTP and HTTPS frames.”

—

Stay tuned for further details.

Feedback after updating? info@iphoneatlas.com.