Apple releases iOS 7.1.2 with Bug fixes

Apple releases iOS 7.1.2 with Bug fixes

0 444
Apple iOS 7.1.2
Apple iOS 7.1.2

Apple has released iOS 7.1.2. This update contains bug fixes and security updates. These include an update to iBeacon connectivity and stability, data transfers for 3rd party accessories, and data protection class issues with Mail attachments.

To learn about other Security Updates, see Apple Security Updates.
iOS 7.1.2

    Certificate Trust Policy

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: Update to the certificate trust policy

Description: The certificate trust policy was updated. The complete list of certificates may be viewed at http://support.apple.com/kb/HT5012.

    CoreGraphics

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: Viewing a maliciously crafted XBM file may lead to an unexpected application termination or arbitrary code execution

Description: An unbounded stack allocation issue existed in the handling of XBM files. This issue was addressed through improved bounds checking.

CVE-ID

CVE-2014-1354 : Dima Kovalenko of codedigging.com

    Kernel

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: An application could cause the device to unexpectedly restart

Description: A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through additional validation of IOKit API arguments.

CVE-ID

CVE-2014-1355 : cunzhang from Adlab of Venustech

    launchd

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: A malicious application may be able to execute arbitrary code with system privileges

Description: A heap buffer overflow existed in launchd’s handling of IPC messages. This issue was addressed through improved bounds checking.

CVE-ID

CVE-2014-1356 : Ian Beer of Google Project Zero

    WebKit

Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later

Impact: A maliciously crafted website may be able to spoof its domain name in the address bar

Description: A spoofing issue existed in the handling of URLs. This issue was addressed through improved encoding of URLs.

CVE-ID

CVE-2014-1345 : Erling Ellingsen of Facebook

Source: Apple