Apple has released iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch, the latest firmware for its popular smartphone and handheld computer, which fixes five security holes.
The firmware corrects a problem in the CoreAudio component of the iPhone OS, which could be used to cause a buffer overflow attack, if a user plays maliciously crafted mp4 audio files.
It also fixes a problem in the way TIFF images are processed, which could enable a hacker to run code on the iPhone or iPod Touch.
In addition, Apple has corrected a flaw in the iPhone's Recovery Mode function. The company said, "A memory corruption issue exists in the handling of a certain USB control message. A person with physical access to the device could use this to bypass the passcode and access the user's data."
The remaining patches correct two problems in the iPhone's WebKit software, for web access.
The iPhone 3.1.3 firmware is available to download on iTunes.