Category Archives: iPhone

Apple release iTunes 10.7 (32 Bit and 64 Bit Editions)

Apple iTunes 10.7 (32 Bit and 64 Bit Editions) provides the following enhancements and security fixes

• Adds support for iOS 6 running on compatible iPhone, iPad, and iPod touch models

• Adds support for the latest iPod nano and iPod shuffle models

• Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

• Description: Multiple memory corruption issues existed in WebKit. These issues are addressed through improved memory handling

• CVE-ID

• CVE-2011-3016 : miaubiz

• CVE-2011-3021 : Arthur Gerkis

• CVE-2011-3027 : miaubiz

• CVE-2011-3032 : Arthur Gerkis

• CVE-2011-3034 : Arthur Gerkis

• CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur Gerkis

• CVE-2011-3036 : miaubiz

• CVE-2011-3037 : miaubiz

• CVE-2011-3038 : miaubiz

• CVE-2011-3039 : miaubiz

• CVE-2011-3040 : miaubiz

• CVE-2011-3041 : miaubiz

• CVE-2011-3042 : miaubiz

• CVE-2011-3043 : miaubiz

• CVE-2011-3044 : Arthur Gerkis

• CVE-2011-3050 : miaubiz

• CVE-2011-3053 : miaubiz

• CVE-2011-3059 : Arthur Gerkis

• CVE-2011-3060 : miaubiz

• CVE-2011-3064 : Atte Kettunen of OUSPG

• CVE-2011-3068 : miaubiz

• CVE-2011-3069 : miaubiz

• CVE-2011-3071 : pa_kt working with HP’s Zero Day Initiative

• CVE-2011-3073 : Arthur Gerkis

• CVE-2011-3074 : Slawomir Blazek

• CVE-2011-3075 : miaubiz

• CVE-2011-3076 : miaubiz

• CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team

• CVE-2011-3081 : miaubiz

• CVE-2011-3086 : Arthur Gerkis

• CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz

• CVE-2011-3090 : Arthur Gerkis

• CVE-2011-3105 : miaubiz

• CVE-2011-3913 : Arthur Gerkis

• CVE-2011-3924 : Arthur Gerkis

• CVE-2011-3926 : Arthur Gerkis

• CVE-2011-3958 : miaubiz

• CVE-2011-3966 : Aki Helin of OUSPG

• CVE-2011-3968 : Arthur Gerkis

• CVE-2011-3969 : Arthur Gerkis

• CVE-2011-3971 : Arthur Gerkis

• CVE-2012-0682 : Apple Product Security

• CVE-2012-0683 : Dave Mandelin of Mozilla

• CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP

• CVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP

• CVE-2012-2817 : miaubiz • CVE-2012-2818 : miaubiz

• CVE-2012-2829 : miaubiz

• CVE-2012-2831 : miaubiz

• CVE-2012-2842 : miaubiz

• CVE-2012-2843 : miaubiz

• CVE-2012-3589 : Dave Mandelin of Mozilla

• CVE-2012-3590 : Apple Product Security

• CVE-2012-3591 : Apple Product Security

• CVE-2012-3592 : Apple Product Security

• CVE-2012-3593 : Apple Product Security

• CVE-2012-3594 : miaubiz

• CVE-2012-3595 : Martin Barbella of Google Chrome Security

• CVE-2012-3596 : Skylined of the Google Chrome Security Team

• CVE-2012-3597 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3598 : Apple Product Security

• CVE-2012-3599 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3600 : David Levin of the Chromium development community

• CVE-2012-3601 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3602 : miaubiz

• CVE-2012-3603 : Apple Product Security

• CVE-2012-3604 : Skylined of the Google Chrome Security Team

• CVE-2012-3605 : Cris Neckar of the Google Chrome Security team

• CVE-2012-3606 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3607 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3608 : Skylined of the Google Chrome Security Team

• CVE-2012-3609 : Skylined of the Google Chrome Security Team

• CVE-2012-3610 : Skylined of the Google Chrome Security Team

• CVE-2012-3611 : Apple Product Security

• CVE-2012-3612 : Skylined of the Google Chrome Security Team

• CVE-2012-3613 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3614 : Yong Li of Research In Motion, Inc.

• CVE-2012-3615 : Stephen Chenney of the Chromium development community

• CVE-2012-3616 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3617 : Apple Product Security

• CVE-2012-3618 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3620 : Abhishek Arya of Google Chrome Security Team

• CVE-2012-3621 : Skylined of the Google Chrome Security Team

• CVE-2012-3622 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3623 : Skylined of the Google Chrome Security Team

• CVE-2012-3624 : Skylined of the Google Chrome Security Team

• CVE-2012-3625 : Skylined of Google Chrome Security Team

• CVE-2012-3626 : Apple Product Security

• CVE-2012-3627 : Skylined and Abhishek Arya of Google Chrome Security team

• CVE-2012-3628 : Apple Product Security

• CVE-2012-3629 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3630 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3631 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3632 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3633 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3634 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3635 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3636 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3637 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3638 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3639 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3640 : miaubiz

• CVE-2012-3641 : Slawomir Blazek

• CVE-2012-3642 : miaubiz

• CVE-2012-3643 : Skylined of the Google Chrome Security Team

• CVE-2012-3644 : miaubiz

• CVE-2012-3645 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3646 : Julien Chaffraix of the Chromium development community, Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3647 : Skylined of the Google Chrome Security Team

• CVE-2012-3648 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3649 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team

• CVE-2012-3651 : Abhishek Arya and Martin Barbella of the Google Chrome Security Team

• CVE-2012-3652 : Martin Barbella of Google Chrome Security Team

• CVE-2012-3653 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3654 : Skylined of the Google Chrome Security Team

• CVE-2012-3655 : Skylined of the Google Chrome Security Team

• CVE-2012-3656 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3657 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3658 : Apple

• CVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3660 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3661 : Apple Product Security

• CVE-2012-3663 : Skylined of Google Chrome Security Team

• CVE-2012-3664 : Thomas Sepez of the Chromium development community

• CVE-2012-3665 : Martin Barbella of Google Chrome Security Team using AddressSanitizer

• CVE-2012-3666 : Apple

• CVE-2012-3667 : Trevor Squires of propaneapp.com

• CVE-2012-3668 : Apple Product Security

• CVE-2012-3669 : Apple Product Security

• CVE-2012-3670 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer, Arthur Gerkis

• CVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome Security Team

• CVE-2012-3672 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3673 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3674 : Skylined of Google Chrome Security Team

• CVE-2012-3675 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3676 : Julien Chaffraix of the Chromium development community

• CVE-2012-3677 : Apple

• CVE-2012-3678 : Apple Product Security

• CVE-2012-3679 : Chris Leary of Mozilla

• CVE-2012-3680 : Skylined of Google Chrome Security Team

• CVE-2012-3681 : Apple

• CVE-2012-3682 : Adam Barth of the Google Chrome Security Team

• CVE-2012-3683 : wushi of team509 working with iDefense VCP

• CVE-2012-3684 : kuzzcc

• CVE-2012-3685 : Apple Product Security

• CVE-2012-3686 : Robin Cao of Torch Mobile (Beijing)

• CVE-2012-3687 : kuzzcc

• CVE-2012-3688 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3692 : Skylined of the Google Chrome Security Team, Apple Product Security

• CVE-2012-3699 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3700 : Apple Product Security

• CVE-2012-3701 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3702 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3703 : Apple Product Security

• CVE-2012-3704 : Skylined of the Google Chrome Security Team

• CVE-2012-3705 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3706 : Apple Product Security

• CVE-2012-3707 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

• CVE-2012-3708 : Apple

• CVE-2012-3709 : Apple Product Security

• CVE-2012-3710 : James Robinson of Google

• CVE-2012-3711 : Skylined of the Google Chrome Security Team

• CVE-2012-3712 : Abhishek Arya of the Google Chrome Security Team using AddressSanitizer

You can download Apple iTunes 10.7 by visiting the following link http://www.apple.com/itunes/

Apple release iTunes 10.6.3 (32 Bit and 64 Bit Editions)

Apple iTunes 10.6.3 (32 Bit and 64 Bit) has recently been released and includes the following new features and fixes:

  • Addresses a problem where iTunes may become unresponsive when syncing an iPad (1st generation) that contains an iBooks textbook
  • Fixes a problem where photos synced to a device may appear in an unexpected order
  • Resolves an issue where iTunes may unexpectedly delete playlists created on a device
  • Fixes issues where iTunes may unexpectedly delete apps on a device
  • Improves overall performance and reliability

You can download the 32 Bit or the 64 Bit version from the Apple Website:

iTunes 10.6.3 for Windows (32 bit Edition) – http://support.apple.com/kb/DL1426

iTunes 10.6.3 for Windows (64 bit Edition) – http://support.apple.com/kb/DL1427

Apple release iTunes 10.5.3

iTunes 10.5.3 has recently been released and allows you to sync interactive iBooks textbooks to your iPad. These Multi-Touch textbooks are available for purchase from the iTunes Store on your Mac or from the iBookstore included with iBooks 2 on your iPad.

You can download it from the Apple iTunes Site http://www.apple.com/itunes/

[RESOLVED] – Microsoft Exchange 2010 – Appointments exceeding 24 hours changed to multiple day All Day Event on Mobile Phones/Devices

Microsoft Exchange 2010 Service Pack 1 ActiveSync does seem to have issues with Appointments exceeding 24 hours that are not all day events (i.e. Friday to Sunday).  I have personally seen this issue with the iPhone 4 and 3GS, both were upgraded to IOS5 which did not resolve the issue.  The latest update “Microsoft Exchange 2010 Service Pack 1 – Hotfix Rollup 6” also does not seem to resolve this problem.

You might wish to test if you have the issue with your ActiveSync enabled Smart Phone or Device, you should be able to replicate the issue by asking a collegue to send you a meeting invite that starts on Friday at 4pm and then finishes on Sunday at 2pm, Once you accept the invite you will find that it has been changed to several all day events (Fri, Sat and Sun) rather than an appointment between the specified time period.

After a long wait it appears that this issue is resolved in Rollup 1 for Exchange Server 2010 – Service Pack 2, you can obtain the Rollup using the link below:

http://www.microsoft.com/download/en/details.aspx?id=28809 – Update Rollup 1 for Exchange Server 2010 Service Pack 2 (KB2645995)

You can see the overall list of fixes/changes in Rollup 1 here:

http://support.microsoft.com/?kbid=2645995

The Fix we are most interested in is “A meeting item displays incorrectly as multiple all-day events when you synchronize a mobile device on an Exchange Server 2010 mailbox”

This was original raised in: http://support.microsoft.com/kb/2549255

You will need to ensure that you have updated your Microsoft Exchange 2010 Server to Service Pack 2 before you can install the Rollup so remember to factor extra time in for this.

You can obtain Microsoft Exchange Server 2010 – Service Pack 2 from here: http://www.microsoft.com/download/en/details.aspx?id=28190

Microsoft do seem to be aware of the issue and mention it in this Knowledgebase article

http://support.microsoft.com/kb/2563324 Current issues with Microsoft Exchange ActiveSync and Third Party Devices

Issue 1.6 – Appointment exceeding 24 hours changed to multiple day All Day Event
When an appointment item’s duration exceeds 24 hours, but is not marked as an All Day Event, Exchange ActiveSync changes the item on the device to become a multi-day All Day Event. The next time that the device synchronizes with the mailbox, the change is propagated from the item on the device to the item on the Exchange Server 2010 mailbox.

Solution
Microsoft is investigating this issue. This problem can occur when using any ActiveSync device synchronizing with Exchange Server 2010.

As you can see Microsoft do not currently have a solution to the problem and may well need to contact Apple and/or Google to produce a fix for both the iPhone and Android based handsets.

I would recommend contacting Microsoft Product Support and your mobile phone manufacturer if this issue is affecting you.  The more users that log the issue the higher priority it will be given and the quicker we can expect to see a fix emerge.