Few hours ago Apple launched a fresh updated iOS version — iOS 5.1.1. Latest iOS update contains a number of bug fixes, also includes a patch for the dangerous URL spoofing in Safari.
The illustration was provided of going to a fake site that shown “Apple.com” in your address bar. This specific malicious method which can be used to collect important informations — banking and login details from iOS devices running iOS 5.1 firmware or above.
|Safari malicious exploit|
Apple has fixed the vulnerability in the freshly-launched iOS 5.1.1 firmware:
Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted website may be able to spoof the address in the location bar
Description: A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. This issue is addressed through improved URL handling. This issue does not affect OS X systems.
iPhone, iPad and iPod Touch owners can install iOS 5.1.1 right now to get this important security fix together with two WebKit vulnerability patches.