Apple releases security patch via iOS 7.0.6

From Apple’s knowledge base article on the patch:

Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

Bottom line, this is a security patch for an SSL verification bug. You’ll find it via:

Settings > General > Software Update

Apparently, the bug has been around quite a while. Two other patches were released yesterday, this one for the Apple TV, and this one for the iPhone 3GS and iPod touch (4th generation). Seems like there’s no patch for the original iPad. Wonder if that iPhone 3GS patch includes the original iPad and they just left it off the list.

Go get patched!

  • rattyuk

    Good Morning America’s coverage of this software update was completely outrageous this morning (Basically):

    “iOS is completely unsafe to use under all circumstances. DO NOT USE IT IN STAR BUCKS. The world is coming to an end for Apple and it’s iOS devices….

    (then at end of article) Oh btw they released a fix last night, which you should download…

    (but still room for one final jab) But they’re being tight lipped, so who knows if you are safe?”

    • JohnDoey

      If only they would warn people about the dangers of everyday Windows or Android use.

      • rattyuk

        That wouldn’t be “news” though, would it?

        • JT_CHITOWN

          ROGL!!!! +1

  • JohnDoey

    There is no patch for original iPad as yet.

    The original iPad runs 5.1.1, while the 3GS runs 6.1.3.

    • just4guest

      Wasn’t the big introduced in 6.X? No reason to patch 5.1.1….

  • NickFrey

    It appears that this bug wasn’t present in iOS 5 and was added in iOS 6, so the original iPad isn’t affected.