Apple patches three security issues with iOS 5.1.1 update
Apple has released an update to its mobile operating system today, iOS 5.1.1.
The iPhone, iPad and iPod operating system upgrade improves the reliability of using the HDR option for photos taken using the Lock Screen shortcut, addresses bugs that could prevent the new iPad from switching between 2G and 3G networks, improves Airplay video playback and increases reliability for syncing Safari bookmarks and Reading List.
More importantly, the update patches three major security flaws. The first is address-bar spoofing, to ensure that scammers, phishers and peddlers of malware cannot direct users to bogus web sites pretending to be real.
The second patch addresses cross-site scripting, or XSS, a vunderability that enables attackers to inject client-side scripts into web pages viewed by other users.
The third security flaw fixed in the update is remote code execution, that is, a maliciously crafted web page that might crash your browser in a way that it ends up running program code secretly embedded in the web page.
The update is being pushed out to devices Over-The-Air (OTA), but iOS 5.1 users can also download it immediately by touching Settings > General > Software Update. You can also install iOS 5.1.1 by plugging your device into iTunes and clicking on Update.