Apple iOS 4.3.5 released due to security issues
Simon Telford / 5 years ago
Being an avid iPhone user, whenever an update blasts my screen on iTunes, I admittedly get a bit excited. Generally that’s down to some possible new features that Apple have managed to implement.
Sadly today isn’t as exciting but is more security focussed which is important none the less. Not so long ago, Apple released iOS 4.3.4 to fix a security flaw in regards to jailbroken devices including iPhone, iPod and iPad, and it seems they have only recently found out about this latest flaw.
The Apple support article gives a brief outline on the flaw:
Available for: iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM), iOS 3.1 through 4.3.4 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.4 for iPadImpact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.
It is suggested that all users update their idevices using iTunes as soon as possible to prevent any issues in regards to this security problem.
It’s good to see Apple on top of things, especially that jeopardise the security of our devices and I’m still eagerly awaiting iOS 5, as I said earlier, I’m all about the goodies and new features.