Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iPhone update 1.0.1 is OUT!!!!

B-Ri said:
i had to restore completely my phone, but ifuntastic still works so yay.
Click to expand...

Thanks for the info on iFuntastic.... after I'm done with my second restore I'll take it for a test spin.

After my restore the first time:

My phone was like a new phone. The restore did not bring back any data except for what was already on my mac.

SMS gone
Email accounts gone
All custom settings gone

Anyone else have this happen?

:apple:Malamutt
 
APPLE-SA-2007-07-31 iPhone v1.0.1 Update

iPhone v1.0.1 Update is now available and addresses the following
issues:

Safari
CVE-ID: CVE-2007-2400
Available for: iPhone v1.0
Impact: Visiting a malicious website may allow cross-site scripting
Description: Safari's security model prevents JavaScript in remote
web pages from modifying pages outside of their domain. A race
condition in page updating combined with HTTP redirection may allow
JavaScript from one page to modify a redirected page. This could
allow cookies and pages to be read or arbitrarily modified. This
update addresses the issue by correcting access control to window
properties. Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of
Adobe Systems, Inc. for reporting this issue.

Safari
CVE-ID: CVE-2007-3944
Available for: iPhone v1.0
Impact: Viewing a maliciously crafted web page may lead to arbitrary
code execution
Description: Heap buffer overflows exist in the Perl Compatible
Regular Expressions (PCRE) library used by the JavaScript engine in
Safari. By enticing a user to visit a maliciously crafted web page,
an attacker may trigger the issues, which may lead to arbitrary code
execution. This update addresses the issues by performing additional
validation of JavaScript regular expressions. Credit to Charlie
Miller and Jake Honoroff of Independent Security Evaluators for
reporting these issues.

WebCore
CVE-ID: CVE-2007-2401
Available for: iPhone v1.0
Impact: Visiting a malicious website may allow cross-site requests
Description: An HTTP injection issue exists in XMLHttpRequest when
serializing headers into an HTTP request. By enticing a user to visit
a maliciously crafted web page, an attacker could trigger a
cross-site scripting issue. This update addresses the issue by
performing additional validation of header parameters. Credit to
Richard Moore of Westpoint Ltd. for reporting this issue.

WebKit
CVE-ID: CVE-2007-3742
Available for: iPhone v1.0
Impact: Look-alike characters in a URL could be used to masquerade a
website
Description: The International Domain Name (IDN) support and Unicode
fonts embedded in Safari could be used to create a URL which contains
look-alike characters. These could be used in a malicious web site to
direct the user to a spoofed site that visually appears to be a
legitimate domain. This update addresses the issue by through an
improved domain name validity check. Credit to Tomohito Yoshino
of Business Architects Inc. for reporting this issue.

WebKit
CVE-ID: CVE-2007-2399
Available for: iPhone v1.0
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: An invalid type conversion when rendering frame sets
could lead to memory corruption. Visiting a maliciously crafted web
page may lead to an unexpected application termination or arbitrary
code execution. Credit to Rhys Kidd for reporting this issue.
 
I've got a 5

chriswheat said:
To those who noticed their volume slider was lower after the update, can you confirm that there is a perceivable increase in volume (over your pre-update volume) when you put the slider at full, and if so, do you have a version 5 or 7 phone?

I have a 7 and can't tell a difference in volume and I'm a professional audio engineer...but that doesn't mean that some phones didn't get an increase in volume. To be fair, I was never disappointed with my volume level.
Click to expand...

I'm a sound guy, and for what it's worth, I did notice a bump in the volume. My volume was always set to max, after the update it was around about 7/8th of max. "Alarm" seems a good ringtone for a quick A-B...when you move the volume slider it previews the ringtone for a second. I'd say it's around 1.5dB louder...better, but not great.

For those of you who feel the ringtones and alerts aren't loud enough (like me) there is hope. I think it has more to do with the source material than the phone's speakers. Not all digital audio is created the same.

Still, I was hoping to get more juice from this update than I did.
 
Bcc Option In Mail Settings Now

Seems like no one has noticed this and it isn't even listed in the new DOCS ONLINE.

There is now the OPTION in MAIL SETTINGS to BCC YOURSELF on all mail. It used to be CC.

Still no BCC Option for RECIPIENTS other than SELF, though.

Don't know why it isn't listed in the UPDATED MANUAL which is actually dated as AUGUST 1 so maybe it'll be in there tomorrow?

Anyway, just thought I'd point it out for people.
 
I used ringtonemaker as well and all my ringtones intacked and synched without a problem...Too bad for jawbreaker guys...You should give ringtonemaker a try alot easier....That is all I looked at for now...My volume slider did not change....Im not sure if Im noticing this right or not but my screen brightnesss looks to have gone down some when on lower settings...Anyone else notice this...On high settings no issue...I used to keep it on 50% without issues

insocal said:
Seems like no one has noticed this and it isn't even listed in the new DOCS ONLINE.

There is now the OPTION in MAIL SETTINGS to BCC YOURSELF on all mail. It used to be CC.

Still no BCC Option for RECIPIENTS other than SELF, though.

Don't know why it isn't listed in the UPDATED MANUAL which is actually dated as AUGUST 1 so maybe it'll be in there tomorrow?

Anyway, just thought I'd point it out for people.
Click to expand...

No BBC on mine just CC

tttexxan said:
No BBC on mine just CC
Click to expand...

Sorry I now see that
 
Yep, my custom ringtones are gone too. What do you get with the trial version of iphoneringtonemaker?
 
Ok screen brightness is messed up on mine after update...my screen is now alot darker than before...Maybe im doing something wrong here but
auto brightness selected...I have it set to 50%. Im in a low lit room and shouldnt brightness incress...When I turn on the light the brightness goes up to where I previous had it prior to update.
 
no service! help!

after doing a restore because of custom ringtones and downloading the update, i am not getting back to edge network. it just says no service. help!
 
After accepting that this is ONLY a security update, I thought I'd check out the only security update I personally found unnerving:
http://www.figma.com/dialerbug/

NOPE, NOT FIXED YET. Whoops.

I'm glad however, they they nixed a number of the cross-site scripting attack issues however. The dialerbug is still a bit disturbing if not high-priority.

Other than that, for what its worth, I think Safari does feel much more stable, but I'm guessing Apple won't "own up" to stability issues. I'm going to keep all my tabs full and see if I can "crash" it again tonight. Having no "luck". :)

This is interesting though. Apple knows how many DISTINCT and INDIVIDUAL iPhone customers they have piling onto iTunes and getting updates. This first security update would be an excellent way to see how "ACTIVE" their customers are in getting iPhone updates. A great story to share with potential partners if the "update rate" is high. My guess, the percentage of quick updaters will be higher than any other phone on the market, everytime they do it.

Also, tremendous WARNING SHOT across the bow of modders. In order to update, you'll need to RESTORE. How totally and completely sucky. Now I'm *completely* not interested in any mods. AT ALL. (Though honestly, nothing was compelling much anyways).

~ CB
 
In addition to the BCC MAIL SETTING OPTION....

PASSWORD LOCK can also now be set to REQUIRE PASSWORD up to 1 HOUR. Also a new feature.
 
jailbreak still works after the update.

There is a slight problem though.

Originally when pressing and holding Home and Sleep, you would have to release them before jailbreak would go to "sending more files", the program seems to automatically start sending the files once the Exclamation Point screen comes up on the phone. If you do not release the buttons fast enough the jailbreak will fail and tell you that
"Problem with Ditto: 6

Sorry, apparently things just didn't work out.
Look on the bright side, if jail was that good for Paris maybe you should give it a second chance."

So this time as soon as I saw the Exclamation Point screen I released the buttons right away and everything works now :)

Just a little FYI.

-Derek-
 
Well I am still getting "no content" and "message not downloaded from server" errors on both pop3 accounts so that wasn't addressed in this.
 
First bad news...

Safari still crashes. It took more surfing to make it happen than usual but it still happened. I was listening to music in the background and the music didn't stop playing...so I guess that's good - although that rarely happened.

I hope in some way, my Safari crash was due to a unique condition that they didn't test yet because if it keeps crashing in the next few days, I may have to switch back to my BB Pearl until the next release.

I was so excited and now...not so much:(:(
 
hey can anyone comfirm if the speaker is louder..like when u talk to someone does it seem louder..? i didn't do the update yet.. tomorrow i will...
 
Maybe I just want it too, but my ringers sound a little bit louder and my volume bar was set at like 85% after update.
 
Anyone know if the battery charge status bug is now fixed so it'll show a full charge rather then just slightly under full (even though it did charge all the way) ?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back