Apple releases minor iOS update for a major security vulnerability

Posted: February 22, 2014 in Security
Tags: , , , , ,

Chuck Talking Tech / by Chuck Bienenfeld

February 22, 2014

ios

On Friday, Apple released iOS update version 7.0.6 for download. Although this is a minor release and coming just before the scheduled 7.1 it is an important update for iOS users. As stated in the release notes, this update is to patch a SSL connection verification.

From Apple’s support page:

iOS 7.0.6

Data security:

Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

Apple says the fix would stop an attacker from capturing and modifying data when supposedly shielded by SSL. The reason this update is so important is that SSL, secure socket layer is the most basic level of internet encryption. This fix can address two potential exploits. First, This prevents other users on the same wifi network from seeing what you are doing. Second, it may also protect the user from “man in the middle attacks” (for more information follow the link to Wikipedia – http://en.wikipedia.org/wiki/Man-in-the-middle_attack). Because of these reasons it is also important to apply this update sooner then later. As always with new patches, for all operating systems be they Window, Linux or Mac, other hackers will begin to reverse engineer the fix and discover how to execute the exploit on un-patched systems.

To update you device, go to settings, General and Software update.

I will update the post with any additional information as it becomes available.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s