Apple fixes more bugs

THE BUILDER of high quality and totally secure products that mocks other companies for failing to meet its perfect standards has just released a number of patches to fix its flawed flagship products.

Apple has admitted that its Iphone, Ipod Touch and QuickTime have dangerous security holes and not even the mighty aura of Steve Jobs can protect them.

Common belief amongst the Apple fanboy community is that customers were starting to doubt in the powers of Messiah Steve Jobs and they had been punished with security vulnerabilities which made the product look just as insecure as anything Microsoft put out.

There is a plague of bugs that Apple has released fixes for so we will list some of the more serious ones.

The Iphone OS 3.1 and 3.1.1 has problems with its CoreAudio in  that a heap buffer overflow exists in the handling of AAC and MP3 files. If a user opens a maliciously crafted AAC or MP3 file the software will crash.

It also has a dodgy Recovery Mode, which means that a person with physical access to a locked device might be able to access the user's data. There is also a heap buffer overflow in the Recovery Mode command parsing. This could allow anyone with physical access to the device to bypass the passcode and access the user's data.

The shiny happy Iphone operating system also has a fault in its telephony software such that receiving a maliciously crafted SMS message could lead to an unexpected service interruption.

The Iphone's Webkit browser has a memory corruption issue wherein visiting a maliciously crafted website might lead to an unexpected application termination or arbitrary code execution.

Apple has also shipped QuickTime 7.6.4 to cover four vulnerabilities affecting Mac and Windows users.

There is a memory corruption issue that exists in QuickTime's handling of H.264 movie files. Viewing a maliciously crafted H.264 movie file can lead to an unexpected application termination or arbitrary code execution.

There is also a buffer overflow problem in QuickTime's handling of MPEG-4 video files. Opening a maliciously crafted MPEG-4 video file can lead to an unexpected application termination or arbitrary code execution.

QuickTime's handling of FlashPix files can create a heap buffer overflow that causes the software to crash.

There is another heap buffer overflow in QuickTime's handling of H.264 movie files. A maliciously crafted H.264 movie file can lead to an unexpected application termination or arbitrary code execution.

The Iphone and Ipod Touch updates are available via Itunes. The QuickTime patch is being pushed out via the automatic updating software in Mac OS X and Windows.

Meanwhile fanboys are fasting in a bid to show solidarity with Steve Jobs and are praying that he forgives the lack of faith of the French who have been complaining lately that their Istuff has been exploding. µ