No security fix for "arbitrary code execution" on iOS7. Why must users accept new functionality (and bugs) in iOS8 when this and other security bugs could have been fixed in iOS7? How long ago was Apple aware of this vulnerability - was release of the fix delayed until iOS8 in order to force everyone to upgrade?
Oh look a buffer overrun exploit! In C, who would guess?<p>Static analyzers for C exist since 1979, but why use them...<p>"Although the first edition of K&R described most of the rules that
brought C's type structure to its present form, many programs written in
the older, more relaxed style persisted, and so did compilers that
tolerated it. To encourage people to pay more attention to the official
language rules, to detect legal but suspicious constructions, and to
help find interface mismatches undetectable with simple mechanisms for
separate compilation, Steve Johnson adapted his pcc compiler to produce
lint [Johnson 79b], which scanned a set of files and remarked on dubious
constructions. " -- Dennis Ritche on history of C.