Following Wednesday's rollout of the iPhone OS 3.0 software update, Apple says they have fixed 46 security holes.
Users do not have control over the loading of remote images in HTML messages, Apple said in its iPhone 3.0 update security advisory. This security flaw was because Mail did not provide a preference to turn off the automatic loading of remote images. Opening an HTML email containing a remote image will automatically request it, the company said.
The company also said that six errors in CoreGraphics have been fixed. One CoreGraphics flaw meant that viewing a maliciously crafted image could lead to an unexpected application termination or arbitrary code execution, Apple said.
Other errors fixed include IPSec, Unicode, Exchange, ImageIO, MPEG-4 Video Codec, Profiles, Telephony, and a further 20 flaws in WebKit.