How serious of a threat is the security flaw found in iOS 7?

ernard

I heard a short story on the news this weekend about a security vulnerability that was found in iOS 7. How serious of a threat is it, and how long has it existed?

Answer this Question

Answers

3 total
jimlynch
Vote Up (2)

If you have an iOS device, I'd update it right now. It's better to be safe than sorry.

http://support.apple.com/kb/HT6147

"iOS 7.0.6

Data Security

Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps."

jimlynch
Vote Up (2)

If you have an iOS device, I'd update it right now. It's better to be safe than sorry.

http://support.apple.com/kb/HT6147

"iOS 7.0.6

Data Security

Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps."

kreiley
Vote Up (2)

It’s worth updating immediately. The flaw exposes you to potential man in the middle attacks, by skipping validation checks when SSL/TLS connections are being established. As Apple puts, it: "An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. ... This issue was addressed by restoring missing validation steps."

 

Oh, and it’s been around since September 2012, apparently, since iOS 6 is also being patched. To see if your device is vulnerable, you can test it out at https://gotofail.com

Ask a question

Join Now or Sign In to ask a question.
The organizers of the FirstNet LTE public safety network have the frequencies and standards they need to build the system, and they know where the money's coming from. They know how to get there from here, but it won't be a quick trip.
IT leaders need to learn how to manage the evolving legal, privacy and compliance issues of SMAC contracts.
Nearly 90 percent of IT executives expect tech spending to either increase or hold steady. And only 12 percent report budget decreases.
A new survey of IT security professionals shows that many businesses are barely starting to exploit mobile technology, and some of them may be a mobile security nightmare waiting to happen.
In the U.S. alone, nearly $2 billion worth of Apple devices -- Macs, iPhones, iPads and iPods -- were sold on eBay over the last 12 months.
Think CIOs in the U.S. are struggling with how to handle BYOD? IDC's John Delaney says it's much worse in Europe.
As iOS 8--and, presumably, new iPhone and iPad hardware--approaches its release day, big changes are on the horizon for Apple's Touch ID, a technology that has been met with less enthusiasm than it deserves.
The Pirate Bay launched a mobile site on Thursday to make it easier to navigate the search engine for torrent files on mobile devices.
The expected boom in demand for small, often isolated devices in the Internet of Things is driving developers to craft new types of components.
Wi-Fi technology continues to evolve as wireless devices proliferate and demand for video and other data explodes.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness