Apple's iOS 5.0.1 is out - should you upgrade?

Filed Under: Apple, Featured, iOS, Mobile, Vulnerability

Apple's latest iOS update is out.

The new version bumps iOS5 up to 5.0.1, and is Apple's first OTA update.

OTA stands for "over-the-air", and means that you can download and apply the update directly from your iDevice.

You no longer need to download the entire firmware file to your computer - including yet another copy of everything which hasn't changed in iOS - and push it to your device.

(OTA updating isn't yet mandatory. If you prefer to keep full copies of each iOS firmware distro, you can still use the download-and-install-with-iTunes method.)

According to Apple, the highlights of the 5.0.1 update are that it:

* fixes bugs affecting battery life,

* adds Multitasking Gestures for the original iPad,

* resolves bugs with Documents in the Cloud, and

* improves voice recognition for Australian users using dictation.

Strewth! That last one's a bonzer boost for blokes and sheilas everywhere! Gives an Aussie something worth lifting a tinnie to after the Baggy Green got such a big hiding from the South Africans in the cricket!

Importantly, 5.0.1 also fixes a number of security flaws, including a remote code execution (RCE) vulnerability involving font handling. RCE means that a cybercriminal might be able to trick your device into running software without asking you, even if you're just browsing the internet.

Interestingly, Charlie Miller's recent and controversial App Store hole has also been patched. Miller showed how to write an innocent-looking App which, once approved by Apple, could fetch and run unapproved software.

Miller was unceremoniously banned from the Apple Developer scene for at least a year; there's no word from Apple, however, on whether he'll be readmitted now the hole is fixed.

And 5.0.1 patches the so-called Smart Cover bug. The iPad 2 didn't always force you to enter your passcode when you opened the Smart Cover of a locked device. A thief couldn't start any applications, but could get access to some of the data on your device.

Jailbreakers will be pleased to note that devices suitable for running a jailbroken iOS5 - a list which sadly still excludes the iPhone 4S and the iPad 2 - can happily run a jailbroken iOS5.0.1.

If you are a jailbreaker, however, note that there is not yet any way to go back to iOS5.0 once you've moved on to 5.0.1.

That means that you'll never be able to use Charlie Miller's code-signing vulnerability for jailbreaking purposes in the future, for example if an iPad 2 jailbreak appears which relies on it.

And that leaves us with one question: should you update?

Some reports suggest that 5.0.1 brings with it a raft of new problems, and that the update might not, after all, fix your battery issues.

But these complaints are still anecdotal and unscientific, so if you trust Apple and you're not into jailbreaking, I'd suggest updating to 5.0.1 as soon as you conveniently can.

The font and code-signing vulnerabilities may not have made it to Apple's highlights list, but each of these bugs on its own can be considered sufficiently important to warrant a prompt update.


-
PS. The iOS 5.0.1 image comes from http://cydiahelp.com/.

, , , , , , , , , ,

You might like

10 Responses to Apple's iOS 5.0.1 is out - should you upgrade?

  1. Pssst. The new iPhone is a 4S not 4GS. Apple stopped using the "G" with the iPhone 4. :)

  2. Peter R · 1083 days ago

    Think I will wait till iOS 7:). By then Apple may have fixed it's security issues. All those years of Mac bagging Win about security bugs. How's it feel boys to be on the other side?

  3. Retired Geezer · 1083 days ago

    The most recent update, 5.0, deleted all the apps from my wife's phone and deleted all the music from my phone. Sure I could restore them but it took me a couple of hours.

  4. Dave · 1083 days ago

    Updated my iPhone wired-up no problems. Tried my wife's iPhone OTA and the update failed then iTunes failed to recognise the device. Had to go through the restore routine. After that experience, I decided to update my iPad via the wire. Don't risk it, do not update OTA.

  5. Joe · 1083 days ago

    This OTA thing is a lark. I had my iPad 2 tethered to my iPhone 4 and the iPad downloaded the update, installed successfully etc.

    When I attempted to install it in the phone it insisted I must be on a wifi connection.

  6. Bill Johnson · 1082 days ago

    The font issue was found by Apple. Check the credit line.

  7. Guest · 1079 days ago

    The IOS 5.01 OTA upgrade went really fast for me. Compared to the hours of updates on the PC (was PC iTunes invented by Apple to torture Windows users?) it was a piece of cake. HOWEVER ***
    **** IT DIDN'T DO A THING TO IMPROVE BATTERY LIFE!!!!

  8. Convert · 1079 days ago

    Upgraded to iOS5 on my iPhone4 and experienced same hours of update (but it was a 700MB update!) and experienced only half previous battery life - 24 hours as opposed to 48hours. 5.0.1 OTA went flawlessly (some 30MB?) and back to my 48 hours!

  9. Seb · 1076 days ago

    It fixes one thing and it screws up the other - I can't start any of the apps I've installed after upgrade - these include : Skype, Facebook, BBC iPlayer etc.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog