iOS 5.1.1 is immediately available for download via iTunes or over-the-air (OTA) and improves reliability of using HDR option for photos taken using the Lock Screen shortcut, as well as reliability when syncing Safari bookmarks and Reading List.
The update addresses bugs that could prevent the new iPad from switching between 2G and 3G networks, and bugs that affected AirPlay video playback in some circumstances.
An issue has been fixed where ‘Unable to purchase’ alert could be displayed after successful purchase.
Lastly, the update includes several security patches targeting Safari, the standard web browser on all Apple platforms.
Impacting iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, and iPad 2, a URL spoofing issue exists in Safari and can potentially be used to direct the user to a spoofed site.
iOS 5.1.1 has improved URL handling which addresses this issue. The problem is not present on Mac OS X systems. Apple credits David Vieira-Kurz of MajorSecurity (majorsecurity.net) for discovering and reporting the issue.
Affecting the exact same platforms, multiple cross-site scripting issues and a memory corruption issue exist in WebKit, a software component required to display web pages in Safari.
With the help of Sergey Glazunov (working with Google's Pwnium contest), as well as Adam Barth and Abhishek Arya of the Google Chrome Security Team, Apple has patched both of these flaws as well.
The impact of these two issues was:
Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
iDevice owners can either connect their devices to iTunes and select “check for updates”, or select Settings -> General, and select Software Update from their iOS device to install iOS 5.1.1.