Sophos Cloud Optix
Apple’s operating system updates, even the point releases, usually have quite a lot going for them.
(A point release is when only the number after the rightmost dot, or point, in the version string changes.)
For example, when OS X 10.8.2 was superseded by 10.8.3, Apple patched 21 security vulnerabilities.
Eleven of these vulnerabilities offered the possibility of remote code execution (RCE) exploits.
RCE holes are what make drive-by downloads possible, where you may end up getting infected merely by looking at a website, reading an email or viewing a document.
And when iOS 6.1.3 came out, we recommended it because it closed the door on a lock-screen bug that allowed you unlock an iPhone 5 without the passcode.
Just over a month later, and Apple has shipped iOS 6.1.4.
This time, though, there don’t seem to be any security fixes – not even for the lock-screen bug that was found in iOS 6.1.3, the update that fixed a lock-screen bug.
Note that this update is for the iPhone 5 only, so owners of iPods, iPads and earlier iPhones won’t be getting anything.
By the way, even if you do have an iPhone 5 and apply the update, assume that the iOS 6.1.3 lock-screen bug persists.
With that in mind, let me repeat our advice from March.
Make sure voice dialling is turned off, since the bypass trick only works if it is turned on.
Mind you, does anyone still voluntarily use voice dialling?
Surely you gave it up after the first time this happened:
A: [gossiping in the car] You know that odious chap, don’t you?
B: Who?
A: That bloke CALLed JOHNATHAN [*]
Mobile phone: [inaudible over car noise] Do you want to call Johnathan?
B: I know him, YES.
Mobile phone: [inaudible] Calling Johnathan
B: That guy who thinks butter wouldn’t melt?
Jonathan: [tinny, inaudible] Hello, Johnathan here.
A: Well, let me tell you something you didn’t know about JOHNATHAN.
Jonathan: [tinny, inaudible] Yes, this is Jonathan.
A: Are you listening, because this is juicy!
Jonathan: [tinny, inaudible] Go ahead.
Since the primary purpose of iOS 6.1.4 seems to be to improve speakerphone voice quality, there’s one more reason to turn voice dialling off!
[*] Name changed for security reasons.
But… what happened to Jonathan?
A screen shot with voice dialling turned on to show that it should be turned off….
Interesting idea…
Slow news day? Vendor releases minor point release on the same week they announce the next major release is only 3 months away…
Shocker…
Have Apple just invented the pointless point release?