Skip to content
February 23, 2014

Apple seeds iOS 7.0.6 update, fixes security SSL/TLS bug

Apple has recently rolled out a seemingly incremental software update to their mobile operating system. However, iOS 7.0.6 isn’t a typical bug fix we used to seeing in this simple update.

According to the update’s description, the new update fixes the vulnerability on the OS wherein “An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS”.

iOS update

In layman’s term, prior to this update, hackers are able to bypass the security which allows them to intercept sensitive information like financial data, email and even Tweets and Facebook posts.

A number of cryptographers and coding whizzes have discovered that the flaw is brought by the “goto fail” code which causes some issues with the digital handshake between the user and a secured website or client.

static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
uint8_t *signature, UInt16 signatureLen)
{
OSStatus err;

if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
goto fail;
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
goto fail;
goto fail;
if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
goto fail;

fail:
SSLFreeBuffer(&signedHashes);
SSLFreeBuffer(&hashCtx);
return err;
}

The latest version of iOS is available for iPhone 4 and later, as well as iPad 2 and above. In case you weren’t automatically prompted about the update, you can manually check for update by going to Settings -> General and select Software Update.

{sources: 1, 2, 3}

iOS 6.1 goes public, adds local LTE support
Apple bags patent on curved display, virtual buttons, etc
5 iOS 8 features already found on Android

9 Responses to “Apple seeds iOS 7.0.6 update, fixes security SSL/TLS bug”

  1. wh@ says:

    updated already, it took 30mins to finished the update

  2. anyone says:

    stock wallpapers are missing.. anyone?

  3. Benchmark says:

    I updated my son’s ipad 4. I don’t know if it is due to the update, but I am having a hard time surfing using safari. It always fails to connect to the server, i always have to refresh many times before the page can be viewed.

    Not sure if this is due to the update, I only happen to me after this update. :-(

    Well still, the stock wallpapers are still there.

  4. Yup says:

    May sira talaga safari even before the update. Download google chrome. Mas stable.

  5. bogart says:

    any bugs?im planning to update my iphone 4.but i’ve noticed before when you update iphone 4s to ios7 a lot of bugs came out.

Leave a Reply

*
*

Written by

This article was written by Ronnie Bulaong, a special features contributor and correspondent for YugaTech. Follow him on Twitter @turonbulaong.

More articles by Ronnie Bulaong :