Apple has released an update for its mobile operating system after a security flaw was uncovered
Apple has released a patch for its iOS mobile operating system, which runs on iPhones and iPads, after security researchers uncovered a major vulnerability that could allow hackers to intercept encrypted emails and other communications.
The flaw, which was first identified by security firm Crowdstrike, meant that critical checks on the validity of a website’s security (SSL) certificate were overlooked when users tried to establish a secure connection.
This meant that a hacker could potentially masquerade as a trusted site, such as Gmail or Facebook, and intercept encrypted traffic or modify the data in transit, in addition to breaching financial data or finding other sensitive information.
"It's as bad as you could imagine, that's all I can say," Johns Hopkins University cryptography professor Matthew Green told Reuters.
In a statement on its support website, Apple admitted that the software "failed to validate the authenticity of the connection". The iOS 7.0.6 update is intended for iPhone 4 or higher, fifth-generation iPod touch devices, in addition to the iPad 2 or later versions.
Security researchers claim the same flaw has also affected users of Apple’s desktop and laptop operating system, OS X Mavericks. Apple has not yet released a patch for OS X Mavericks, but claims that a fix will be coming soon.
Commenting on the news, Google software engineer Adam Langley said: "This sort of subtle bug deep in the code is a nightmare. I believe that it's just a mistake and I feel very bad for whomever might have slipped in an editor and created it."
Last September, Apple was forced to issue a patch for a security glitchthat allowed potential fraudsters to access personal information held on an iPhone without unlocking the handset.
The glitch was uncovered just hours after the company made its new operating system iOS 7 available to download for users with older Apple devices. Videos posted online showed how to get around the lockscreen and gain access to the owner's photographs, Twitter account and email inbox.
Apple took just six days to fix the security glitch. However, it has been criticised in the past for reportedly taking as long as two weeks to react to problems.
0 Response to "Apple patches major iOS security flaw"
Post a Comment
thank you for visiting. let's share :)