The new version of iOS 5 fixes scores of vulnerabilities in earlier versions of the iOS and apps such as iTunes and Safari--for a record total of 186.
Apple yesterday released iOS 5 for download and also disclosed the vulnerability update list for the new version to its security-announce mailing list. It details 96 separate vulnerabilities fixed in iOS 5 over previous versions of iOS.
New versions with security fixes were also announced for iTunes, Apple TV, OS X, Safari, and both Numbers and Pages for iOS. The total vulnerability count is 186, possibly a record.
The iOS updates are varied and many are highly critical. A large number of them are fixes to the Safari web browser and the WebKit engine on which it (and other browsers such as Google Chrome) is based. Nearly all of these same Safari and WebKit updates also apply to the OS X and Windows versions of Safari. So upgrading to iOS 5 might not be worth it just for the features. It should make you safer.
While you're waiting for iOS 5 to install (a process which we're told takes quite a while) make sure to check Software Update on your Mac or Windows system to apply fixes there.
It is also not unusual for Apple to issue fixes for very old vulnerabilities. In this batch we have CVE-2009-4022, an unspecified tw-year-old vulnerability in many 9.x versions of BIND, ISC's DNS server. In some configurations, the server is vulnerable to DNS cache-poisoning attacks, which allow users on the network to impersonate one another.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.