Security firm warns lack of iOS 4.3 update leaves iPhone 3G vulnerable
Security company Sophos is warning iPhone 3G and older iPod touch owners that their devices could be vulnerable to attack following Apple's decision not to make the iOS 4.3 update available to them.
In addition to AirPlay improvements and iTunes Home Sharing, the iOS 4.3 update fixes a number of security holes, but it's only available for the iPhone 3GS, iPhone 4, the iPad and more recent iPod touch models.
"[I]f you have an earlier iPhone or iPod touch your device is probably vulnerable to attacks which exploit these security holes, and there is no official patch available for you to protect yourself. That's bad news for the many people who still have an iPhone 3G, for instance," says Graham Cluley, senior technology consultant at Sophos.
The security fixes are detailed in an Apple knowledgebase article. They protect against maliciously-crafted TIFF image files, which could be used to run malicious code on your device, as well as fixing many memory corruption issues in WebKit, the basis of the Safari web browser. Sophos warns this could lead to unauthorised code being executed.
Although none of these exploits have been found in the wild so far, owners of older Apple devices are still potentially vulnerable. "If you were looking for an excuse to upgrade your iPhone or iPod touch, maybe you've just been given a good one by Apple," says Cluley. "But if you were happy with your iPhone 3G, I doubt you're feeling too good about having to reach into your pocket."
[Via Computer Weekly]
Share
Security company Sophos is warning iPhone 3G and older iPod touch owners that their devices could be vulnerable to attack following...
Add a Comment
I knew it was only a matter of time before people complained about the iPhone 3G not being part of the iOS 4.3 update...
Look the bottom line is... if you updated your iPhone 3G from 3.1.3 then you are an idiot. Enjoy your molasses phone. Those who didn't upgrade, you can laugh at those that did.
Bye.
On the contrary, I eventually upgraded to 4.2.1 and I am glad I did. Not too bad. I will be getting the IPhone 5 when available. 3 years out the 3G ain't bad.
March 12 2011 at 8:47 PM Report abuse Permalink rate up rate down Replysounds like a great way for apple to force all of us to buy their newest product. We all know once you go Mac you never go back...
March 12 2011 at 3:14 PM Report abuse Permalink rate up rate down ReplyAgreed. I was so disappointed that Snow Leopard wouldn't install on my Apple II. How dare a company EVER discontinue support for one of their products!
March 12 2011 at 10:56 PM Report abuse Permalink rate up rate down ReplyThey actually did it once with iOS 3.1.3. The PDF exploit has never been fixed for first-generation device owners. (I mean there is no 3.1.4 that addresses this issue)
March 12 2011 at 2:13 PM Report abuse Permalink rate up rate down ReplySome of you seem to be forgetting that right now, Apple is providing the BEST support for existing, already sold cell phones in the market, bar NONE.
Nobody else provides updates for phones that were last sold almost a year ago. Features phones typically get ZERO updates ever, even if the manufacturer updates the firmware to fix bugs during the manufacturing of the phone. Smartphones from all the major manufacturers also typically get ZERO or ONE update EVER. If you graphed number of updates for a phone by model, you would see a really large hump at 0, going down at 1, then dropping to maybe 5 until you get past 7, where Apple has all their phones [well, except for the iPhone 4].
Could Apple do better? Sure. But the rest of market isn't even bothering to try to approach Apple's level of support for their existing customer base.
Apple does not have to release 4.3 to fix this issue. Apple could instead release an upgrade to 4.2.x.
I've got a hand-me-down 3G, which I recently downgraded from 4.2 to 3.1 because of the awful performance problems. I really don't want to upgrade now (both because of the new iPhones being released this summer and because I'm going to move overseas next year and don't want to be in the middle of a contract). So I was hoping to limp along with my older phone and OS.
But if they won't release updates for the older hardware, and there are exploits in the wild, then I'll have to upgrade. But between the poor support for older phones and the money grab with in-app purchases, it'll probably be an Android phone if I have to upgrade now.
I think 4.3 lets your set how many times a receptive alert goes off for text messages, not sure about voicemails.
I for one though, would hate having it alert me more than once per missed call, but to each their own.
I'm still on 3.1.3 - never went to 4.x after reading all the horror stories. Too bad Apple doesn't provide some sort of light updates. My phone is two years old and to be honest, I don't think that is old.
Sure, there's a cycle of new products, but two years is nothing. Why should mobile phones be the only product you forcibly have to upgrade after such a short period?
My other half is still on an iPhone 3g running 4.2 and given the sheer number of problems and speed issues with that I'd hate to it upgraded to 4.3. That'd be like upgrading a granny's walking stick to roller blades.
March 12 2011 at 6:28 AM Report abuse Permalink rate up rate down ReplyDeals of the Day
more deals- Acoustic Research Digital Photo Frame with iPod Dock for $50 + free shipping
- Apple iPhone 4 8GB for Verizon, AT&T, or Sprint for $50 + pickup at Best Buy
- Unlocked iPhone 4S 16GB for GSM (AT&T, T-Mobile) for $619 + free shipping
- Apple iMac Core i7 Quad 3.4GHz 27" w/ 24GB RAM, 2TB HDD for $2,677 + $29 s&h
- Used Apple Magic Mouse for $36 + $4 s&h
- 9-Piece iPhone Bundle, includes 1,900mAh battery for $8 + free shipping
Software Updates
more updatesFeatured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
14 Comments