Tag: Apps

Posted on

July 2007 Addendum

I’ve been slacking a bit for the month of July. Blame it on the Summer weather and anything that can be associated with it.
Anyway, I’m just compiling stuff in July that I didn’t blog on time, I’ll update this as I look at my own notes.

Mozilla Foundations

Mozilla Firefox 2.0.0.6

Apple:

07.12.2007

Firmware Restoration CD 1.322.5MB
The Firmware Restoration CD is used to restore the firmware of an Intel-based Macintosh computer.

MacBook Pro EFI Firmware Update 1.31.8MB
This EFI Firmware update fixes a display issue on 2.2/2.4GHz 15-inch MacBook Pro models.

07.11.2007

iTunes 7.3.1 for Mac33.8MB | for Windows47.6MB
iTunes 7.3.1 addresses a minor problem with iTunes 7.3 accessing the iTunes Library.

QuickTime 7.2 for Mac51.4MB | for Windows 19.3MB
QuickTime 7.2 addresses critical security issues and delivers numerous bug fixes.

07.05.2007

iPod Reset Utility 1.0.2 for Mac3.46MB | for Windows2.2MB
Use iPod Reset Utility to restore the following iPod models back to their factory settings.<!–

Posted on

Apple Releases iPhone Software Version 1.0.1

Apple has released iPhone Software Version 1.0.1 that includes some bug fixes.
http://docs.info.apple.com/article.html?artnum=306173

iPhone v1.0.1 Update

  • Safari
    CVE-ID: CVE-2007-2400
    Available for: iPhone v1.0
    Impact: Visiting a malicious website may allow cross-site scripting
    Description: Safari’s security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This update addresses the issue by correcting access control to window properties. Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of Adobe Systems, Inc. for reporting this issue.
  • Safari
    CVE-ID: CVE-2007-3944
    Available for: iPhone v1.0
    Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution
    Description: Heap buffer overflows exist in the Perl Compatible Regular Expressions (PCRE) library used by the JavaScript engine in Safari. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issue, which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators for reporting these issues
  • WebCore
    CVE-ID: CVE-2007-2401
    Available for: iPhone v1.0
    Impact: Visiting a malicious website may allow cross-site requests
    Description: An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could trigger a cross-site scripting issue. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.
  • WebKit
    CVE-ID: CVE-2007-3742
    Available for: iPhone v1.0
    Impact: Look-alike characters in a URL could be used to masquerade a website
    Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by through an improved domain name validity check.
  • WebKit
    CVE-ID: CVE-2007-2399
    Available for: iPhone v1.0
    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
    Description: An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution. Credit to Rhys Kidd of Westnet for reporting this issue.

Other Bug Fixes found:

  • VPN Client – No longer asking for “numerical-only” passwords when turned on

The update can be obtained through iTunes (7.3.x or higher required)
http://docs.info.apple.com/article.html?artnum=305744
http://www.apple.com/support/iphone/

iPhone Sovtware Version 1.0.1

Posted on

Apple: Security Updates, Airport Extreme, Pro Application Supports, and Bonjour

Apple has been busy releasing updates to its softwares.

07.31.2007
Security Update 2007-007 is recommended for all users.
Security Update 2007-007 (10.3.9)48.7MB
Security Update 2007-007 (10.3.9 Server)63.3MB
Security Update 2007-007 (10.4.10 PPC)14.2MB
Security Update 2007-007 (10.4.10 Server PPC)23.8MB
Security Update 2007-007 (10.4.10 Universal)25.7MB
Security Update 2007-007 (10.4.10 Server Universal)35.3MB

AirPort Extreme Update 2007-004745KB
This update is recommended for all Intel-based MacBook, MacBook Pro, and Mac mini computers and improves the reliability of AirPort connections.

07.30.2007
Pro Application Support 4.0.17.6MB
This update improves general user interface reliability for Apple’s professional applications.

07.26.2007
Bonjour for Windows 1.0.42.1MB
This update is recommended for all Bonjour users to improve usability and compatibility.

Posted on

Apple iPhone: Rumor on The SDK

I was listening to TWiT Podcast (take that, Leo Laporte and your “netcast” term) for July 1st, 2007. Leo mentioned something that he later called as “maybe bogus” rumor regarding Apple iPhone SDK. Rephrasing what Leo said, Apple may already have an iPhone SDK for Mac OS X, but not for Windows platform.

Honestly, this might be true, even though we haven’t heard anything close to this rumor. Since the iPhone is running Mac OS X, one questions come to mind. Is it possible to develop an app for Mac OS X on Windows platform? Theoretically it might be possible, as long as Apple can provide the SDK.

Are there any Windows-based developers out there who want to write an app for the iPhone? I bet there are, and many of them wouldn’t want to buy a Mac just to develop some simple apps for the iPhone.

In a way, I understand how Apple wants to control the iPhone experience. The one thing I personally do not want is to have my iPhone crashing because of some apps I installed.

We’ll see how this will go in a few months.

Anyway, there are a few things I “overheard” regarding the iPhone and Mac OS X Leopard. I’d go through them and see if they are making any sense at all.