Urgent Apple Security Update

The Register, By Chris Williams, 21st February 2014

Apple has updated its mobile operating system iOS to patch a bug that blows apart the integrity of encrypted connections.

Versions 7.0.6 and 6.1.6, available now for download, fixes a vulnerability that could allow “an attacker with a privileged network position” to “capture or modify data in sessions protected by SSL/TLS,” according to the iPhone maker. This is due to theSecure Transport component of the operating system failing to validate “the authenticity of the connection,” suggesting some sort of failure to verify the certificate or identity of whatever system a vulnerable iDevice was connected to.

Full Article

(Visited 32 times, 1 visits today)