Apple users have something to worry about this morning as a new flaw in iOS and OSX has been revealed. The flaw could allow a hacker to intercept information that is supposed to be encrypted such as email and banking information. Hackers could also intercept social networking information. But keep in mind, this flaw is only usable if you’re sharing an unsecured network with other users, such as a coffee shop or public library. Good news is Apple has already patched and released an update to fix the SSL issue. You should check your iDevice for the update, iOS 7.0.6 here’s what Apple had to say about this new update.
About the security content of iOS 7.0.6
This document describes the security content of iOS 7.0.6.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see “How to use the Apple Product Security PGP Key.”
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see “Apple Security Updates“.
- Data SecurityAvailable for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and laterImpact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLSDescription: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.CVE-IDCVE-2014-1266