Seven fixes affected Safari browser vulnerabilities. Of the remaining three Bluetooth-related updates, one fixed a "critical" flaw that could allow outsiders to eavesdrop on iPhone conversations.
Of the common vulnerability enumerations, Apple's term for patches, Andrew Storms, director of network security for nCircle, said: "The Bluetooth bug is the most critical."
Apple added that an attacker could send maliciously crafted service discovery protocol packets to an iPhone with Bluetooth enabled to run malicious code for intercepting the wireless conversation.
"Even though this is labelled as a remote exploit, due to the nature of Bluetooth, this is more of a walk-by attack than a drive-by attack," Storms said via email. "The hacker would have to be within arm's length to exploit it."
Apple also closed a man-in-the-middle flaw in iPhone that impacts its mail capabilities when configured to use the secure socket layer protocol. In this situation, an unpatched iPhone "does not warn the user when the identity of the mail server has changed or cannot be trusted and could lead to a man-in-the-middle attack," according to Apple.
According to researchers at Lumension (formerly PatchLink), Apple's updates have the potential to cause irreparable damage to iPhones that installed so-called "unlock code.” It is most often used to allow the iPhone to connect with a cellular service other than AT&T.
Damien Hogan, security analyst at Lumension, said that the vulnerabilities could be exploited to download the unlock code on to an unsuspecting user's iPhone. Such unauthorised modifications could not only make the phone unusable, they would also void Apple's warranty, he said.
Apple fixes 10 iPhone bugs
By Patrick Love, Head of Fiduciary Support, Global Wealth Sol on Oct 2, 2007 10:05AM