Apple security update fixes iOS vulnerability

Posted on Updated on

Apple's iPhone 5S 

Apple’s iPhone 5S

(Credit: Sarah Tew/CNET)

Apple on Friday released the latest update of its mobile operating system. It’s of note because it fixes an SSL connection issue, an important encryption vulnerability.

SSL, or Secure Sockets Layer, is one of the most basic forms of encrypting Internet traffic. Without it, almost anybody can see what you’re doing online. According to Apple’s fulldescription of the update, the software previously had problems validating the authenticity of the connection, and the software fix restores steps that were missing in the validation process.

The company said the fix would stop an attacker from capturing and modifying data when supposedly shielded by SSL.

The patch is also available for older versions of Apple’s operating system, with an iOS 6.1.6 update. The fix comes weeks after another minor iOS 7 update, which had to do with network errors in China. A more robust update, iOS 7.1, is expected next month.

Apple has been mum regarding specific details of the bug. So for that reason, it’s difficult to gauge the magnitude of the situation. “It has the potential to be a very serious issue,” said Jonathan Zdziarski, an iOS forensics expert. But he emphasized that many of the conclusions we can draw are only speculation, since Apple only vaguely and briefly described the vulnerability.

He did point to the possibility of man-in-the-middle attacks, where an eavesdropper could intercept data from a user’s phone. He also points out that Apple didn’t specifically mention any certain restrictions in its explanation of the vulnerability — like, say, the bug only being applicable when a certain app is running. The lack of that caveat could indicate that the bug potentially affected the whole phone, giving an attacker complete control over the device and personal information on it.

via cnet.com

Richard Nieva

 

Related articles

Beatles channel debuts on Apple TV
Beatles channel debuts on Apple TV
Apple loses bid to yank court-appointed antitrust monitor
Apple loses bid to yank court-appointed antitrust monitor
Apple’s Arizona plant could make ‘unprecedented’ amounts of sapphire
Apple’s Arizona plant could make ‘unprecedented’ amounts of sapphire
Power Poll Social All Articles https://applebytecrunch.wordpress.com/great-free-apps/gfa-gaming-zone/ ‎
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s