iOS 7.1.2 Now Available To Fix Mail, Lock Screen & Activation Lock Bugs

If you have an iDevice running iOS 7 of any description, you should immediately download and install iOS 7.1.2. The reason being is that according to this document posted by Apple, two nasty bugs among others are fixed in this release:

Lockdown

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: An attacker possessing an iOS device could potentially bypass Activation Lock

Description: Devices were performing incomplete checks during device activation, which made it possible for malicious individuals to partially bypass Activation Lock. This issue was addressed through additional client-side verification of data received from activation servers.

And:

Lock Screen

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: An attacker in possession of a device may exceed the maximum number of failed passcode attempts

Description: In some circumstances, the failed passcode attempt limit was not enforced. This issue was addressed through additional enforcement of this limit.

As well as:

Lock Screen

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: A person with physical access to a locked device may be able to access the application that was in the foreground prior to locking

Description: A state management issue existed in the handling of the telephony state while in Airplane Mode. This issue was addressed through improved state management while in Airplane Mode.

The first fix regarding Activation Lock fits the description of this bug that I reported on back in February. As for the lock screen bugs, it sounds like this issue (the first one that is in the linked story) and this issue have been addressed. There’s one more bug that that is fixed that I should point out:

Mail

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: Mail attachments can be extracted from an iPhone 4

Description: Data protection was not enabled for mail attachments, allowing them to be read by an attacker with physical access to the device. This issue was addressed by changing the encryption class of mail attachments.

That fixes this bug (the second one in the linked story) that I reported on earlier this year.

Thus as I said earlier, run and download this update ASAP. You’ll thank me for it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: