A flaw that allowed apps running in the background to inject UI events into an app running in the foreground was also addressed. That was fixed by imposing access controls on foreground and background processes that handle the UI events.
The new iOS also fixes a glitch that allowed sandboxed apps to send tweets without a user's permission. The problem lay in the Twitter subsystem. "Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling Twitter functionality," Apple explained. That issue was patched by enforcing access controls on interfaces exposed by the Twitter daemon.
Many of the flaws, although potentially dangerous, weren't likely to affect most users, said PJ Gupta, CEO of Amtel. "We work with corporations and for them, Apple's platform is the most secure compared to other platforms," he said in an interview.
Plaudits have been heaped on Apple for its security improvements in iOS 7, which should make system administrators more comfortable with the OS. "With every release of iOS, Apple adds a few features and functions that further the level of security they're providing," John Dasher, vice president of product marketing for Good Technology, said in an interview.
Sign up for CIO Asia eNewsletters.