How serious of a threat is the security flaw found in iOS 7?

ernard

I heard a short story on the news this weekend about a security vulnerability that was found in iOS 7. How serious of a threat is it, and how long has it existed?

Answer this Question

Answers

2 total
jimlynch
Vote Up (2)

If you have an iOS device, I'd update it right now. It's better to be safe than sorry.

http://support.apple.com/kb/HT6147

"iOS 7.0.6

Data Security

Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps."

kreiley
Vote Up (2)

It’s worth updating immediately. The flaw exposes you to potential man in the middle attacks, by skipping validation checks when SSL/TLS connections are being established. As Apple puts, it: "An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. ... This issue was addressed by restoring missing validation steps."

 

Oh, and it’s been around since September 2012, apparently, since iOS 6 is also being patched. To see if your device is vulnerable, you can test it out at https://gotofail.com

Ask a question

Join Now or Sign In to ask a question.
Twitter more than doubled its sales in the second quarter, the company reported Tuesday, showing a strong advertising business.
Now that BlackBerry has fallen significantly behind Apple and Google in the race to offer features and third-party apps for its smartphones, the company is concentrating on providing devices that, it claims, have the strongest available security -- the killer feature for the enterprise.
New Dynamic Perspective sensors help boost cost, though display costs are minimal, IHS says.
Pushbullet is great for quick and dirty file swapping between your Windows PC and Android.
If you're looking for a place to stay where you can hole up with Netflix in the evening, avoid some of the hotel industry's biggest names.
If you like to send messages via Facebook when you're on the move, get ready to download a new app.
New York start-up goTenna has created a portable antenna that could come in handy when cellular service is unavailable.
The organizers of the FirstNet LTE public safety network have the frequencies and standards they need to build the system, and they know where the money's coming from. They know how to get there from here, but it won't be a quick trip.
IT leaders need to learn how to manage the evolving legal, privacy and compliance issues of SMAC contracts.
Nearly 90 percent of IT executives expect tech spending to either increase or hold steady. And only 12 percent report budget decreases.
randomness