Apple’s iOS 5.0.1 update deals with several security flaws in addition to making feature improvements, an Apple note indicates. Among these is a Smart Cover exploit that allowed people to skip passcodes and gain limited access to an iPad 2. Also fixed are vulnerabilities in components like fonts, DNS and URL handling, and weak certificates associated with DigiCert Malaysia, which are no longer trusted.
Of special interest is a kernel glitch which permitted apps to bypass codesigning checks. The hole was identified by Accuvant Labs researcher Charlie Miller, who ended up booted from the iOS Developer Program for the manner in which he publicized the problem.
