Apple has released iPhone 1.1.2 and iPod touch 1.1.2 software via iTunes to patch a severe flaw in the image library used to handle TIFF images. This flaw was used by iPhone hackers to “jailbreak” the iPhone, and required simply visiting a specially crafted Web page. The freed iPhone could then run arbitrary software. This was a severe flaw, as it would allow any malicious Web page to hijack an iPhone’s operating system. The patch disables jailbreaks and prevents malicious efforts, too. (There’s no link to the software download; iPhone and iPod touch software updates are retrieved and installed via iTunes.)
However, independent iPhone/iPod touch developers are a step ahead of Apple. Jailbreak software for 1.1.2 is already available. It requires that you perform a preparatory step with the 1.1.1 software in place before the upgrade. (There are instructions for downgrading to 1.1.1 to perform this step.)
I followed the instructions to enable my hacked iPhone with 1.1.1 software to continue running third-party software with 1.1.2, but it failed to work. I had to perform a complete restore and then retrieve a backup from iTunes.
The iPhone 1.1.2 software was first seen in the UK on iPhones sold there last week, as the update includes support for languages other than English and activation of the iPhone with carriers outside the United States.
A battery indicator for the device now appears next to its name in iTunes, and the iPod touch gained the initially missing capability to create events in the Calendar application.
Apple seeded the 1.1.2 software to a publicly downloadable location on its servers, but neither released its security note nor triggered the software update notification mechanism in iTunes until 12-Nov-07.