Apple recently released version 6.1 of iOS, patching 27 security flaws in the mobile operating system.

"The vast majority of the flaws were in WebKit, the rendering engine used by Safari to display web content," writes Sophos' Chester Wisniewski. "This isn't surprising as it is a very complicated component. It is also a very dangerous component to leave vulnerable as it can be attacked by any web page controlled by someone with malicious intent. I would make these updates a priority."

"One of the key vulnerabilities fixed in iOS 6.1 is in the operating system's kernel and could enable an attacker to access kernel memory," writes Threatpost's Dennis Fisher. "The vulnerability was discovered by Mark Dowd of Azimuth Security, who presented it at the Hack in the Box security conference last year."


"iOS 6.1 also removes trust for the fake Google digital certificates mistakenly issued by the Turkish certificate authority ('TURKTRUST')," writes Dark Reading's Larry Seltzer. "The remaining bugs could enable JavaScript without permission in Mobile Safari where it had been disabled; allow a remote attacker on the same Wi-Fi network to exploit a bug in Broadcom's BCM4325 and BCM4329 firmware to disable Wi-Fi temporarily; or allow a cross-site scripting attack."