via ArsTechnica
Within the last 24 hours, Apple has rolled out the long awaited Exchange bugfix update to all affected iPhone devices via iTunes and over the air.
The update is intended to fix a problem which first manifested itself in the first 6.1 update released three weeks ago, in which recurring calendar events accessed through an Exchange server would trigger a never ending access loop that would flood servers with requests for information despite having already pulled the information from the server.
As a result, in the meantime between the first 6.1 update and Apple/Microsoft becoming aware of the issue, IT admins the world over were forced to take measures to address the access issues, with multiple workarounds, some more extreme than others. Now with the rollout of the 6.1.2 update, the issue is expected to be resolved completely, giving server and device admins one less thing to worry about, at least until the next iOS update.
However, outside of the Exchange issue, Apple still has yet to address yet another lockscreen vulnerability that has also cropped up with the latest round of iOS updates.
At issue is the fact that the latest lockscreen vulnerability, which first popped up on YouTube and has since been confirmed multiple times is allowing access to the phone dialer and contact lists, rendering simple and complex password protection useless.
The latest vulnerability involves making and then canceling a call from the emergency dial screen, then hitting the power button several times to load the Phone App. The Phone App then allows anyone to access the phone’s dialer, contact list, voicemail box, call history, messages, photos and FaceTime camera.
While Apple has acknowledged this latest vulnerability, the company has yet to provide a timeline for the rollout of a fix, much in the way that it did not confirm a fix for the Exchange issue until the update was rolled out yesterday. In a statement regarding the lockscreen vulnerability given a week ago, Apple had this to say:
Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update
Apple’s latest wave of update issues underscores the increasing complexity of its operating system and the difficulty it faces in having to balance both development and testing in order to fix bugs as quickly as possible. The next major update to iOS is expected later this year along with the expected updates to the iPhone hardware.
