BEIJING, July 7 (Xinhuanet) -- A leading Mac OS X researcher said iPhone failed to update its operating system, according to media reports Monday.
Iphone runs a stripped-down version of Mac OS 10.5 and automatically checks for security updates. The last update for it, 1.1.4, was issued in February, despite a flaw discovered by Charlie Miller, a veteran hacker at Independent Security Evaluators, in March.
During the CanSecWest conference, Miller found and used a buffer overflow in Safari in the Apple WebKit to win a 10,000 U.S. dollars "Pwn to Own" contest. Apple patched Miller's Safari vulnerability for the desktop in April, but so far has not issued a similar patch for the iPhone.
Speculation within the security community is that Apple is currently focused on the 3G version of the iPhone. Upgrades to current iPhones may be pushed out in advance or concurrent with the July 11 release of iPhone 2.0.
Apple does not respond to requests for comment on its software security policies.
(Agencies)
