About the security content of iOS 7.1.1

Your rating: None (2 votes)

Apple has published a list of security content in iOS 7.1.1, which was released this afternoon. Here are the highlights:

  • 'CFNetwork HTTPProtocol:' An attacker in a privileged network position can obtain web site credentials
  • IOKit Kernel: A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization
  • Security - Secure Transport: An attacker with a privileged network position may capture data or change the operations performed in sessions protected by SSL
  • WebKit: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Quite a bit for a dot-dot-one release. Set your compliance rules accordingly and encourage updates.

I'm curious: do any of you have stats on how quickly your users update?

Recent Activity