Apple’s operating system updates, even the point releases, usually have quite a lot going for them.
(A point release is when only the number after the rightmost dot, or point, in the version string changes.)
Eleven of these vulnerabilities offered the possibility of remote code execution (RCE) exploits.
RCE holes are what make drive-by downloads possible, where you may end up getting infected merely by looking at a website, reading an email or viewing a document.
Just over a month later, and Apple has shipped iOS 6.1.4.
This time, though, there don’t seem to be any security fixes – not even for the lock-screen bug that was found in iOS 6.1.3, the update that fixed a lock-screen bug.
Note that this update is for the iPhone 5 only, so owners of iPods, iPads and earlier iPhones won’t be getting anything.
By the way, even if you do have an iPhone 5 and apply the update, assume that the iOS 6.1.3 lock-screen bug persists.
With that in mind, let me repeat our advice from March.
Make sure voice dialling is turned off, since the bypass trick only works if it is turned on.
Mind you, does anyone still voluntarily use voice dialling?
Surely you gave it up after the first time this happened:
A: [gossiping in the car] You know that odious chap, don’t you?
A: That bloke CALLed JOHNATHAN [*]
Mobile phone: [inaudible over car noise] Do you want to call Johnathan?
B: I know him, YES.
Mobile phone: [inaudible] Calling Johnathan
B: That guy who thinks butter wouldn’t melt?
Jonathan: [tinny, inaudible] Hello, Johnathan here.
A: Well, let me tell you something you didn’t know about JOHNATHAN.
Jonathan: [tinny, inaudible] Yes, this is Jonathan.
A: Are you listening, because this is juicy!
Jonathan: [tinny, inaudible] Go ahead.
Since the primary purpose of iOS 6.1.4 seems to be to improve speakerphone voice quality, there’s one more reason to turn voice dialling off!
[*] Name changed for security reasons.