fbpx

Apple seeds iOS 7.0.6 update, fixes security SSL/TLS bug

Apple has recently rolled out a seemingly incremental software update to their mobile operating system. However, iOS 7.0.6 isn’t a typical bug fix we used to seeing in this simple update.

According to the update’s description, the new update fixes the vulnerability on the OS wherein “An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS”.

iOS update

In layman’s term, prior to this update, hackers are able to bypass the security which allows them to intercept sensitive information like financial data, email and even Tweets and Facebook posts.

A number of cryptographers and coding whizzes have discovered that the flaw is brought by the “goto fail” code which causes some issues with the digital handshake between the user and a secured website or client.

static OSStatus
SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams,
uint8_t *signature, UInt16 signatureLen)
{
OSStatus err;

if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
goto fail;
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
goto fail;
goto fail;
if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
goto fail;

fail:
SSLFreeBuffer(&signedHashes);
SSLFreeBuffer(&hashCtx);
return err;
}

The latest version of iOS is available for iPhone 4 and later, as well as iPad 2 and above. In case you weren’t automatically prompted about the update, you can manually check for update by going to Settings -> General and select Software Update.

{sources: 1, 2, 3}

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 984 other subscribers
Avatar for Ronnie Bulaong

This article was written by Ronnie Bulaong, a special features contributor and correspondent for YugaTech. Follow him on Twitter @turonbulaong.

9 Responses

  1. Avatar for bogart bogart says:

    any bugs?im planning to update my iphone 4.but i’ve noticed before when you update iphone 4s to ios7 a lot of bugs came out.

  2. Avatar for Yup Yup says:

    May sira talaga safari even before the update. Download google chrome. Mas stable.

  3. Avatar for jvic jvic says:

    http://gizmodo.com/why-apples-huge-security-flaw-is-so-scary-1529041062?utm_campaign=socialflow_gizmodo_facebook&utm_source=gizmodo_facebook&utm_medium=socialflow

  4. Avatar for Benchmark Benchmark says:

    I updated my son’s ipad 4. I don’t know if it is due to the update, but I am having a hard time surfing using safari. It always fails to connect to the server, i always have to refresh many times before the page can be viewed.

    Not sure if this is due to the update, I only happen to me after this update. :-(

    Well still, the stock wallpapers are still there.

  5. Avatar for anyone anyone says:

    stock wallpapers are missing.. anyone?

  6. Avatar for wh@ wh@ says:

    updated already, it took 30mins to finished the update

Leave a Reply
JOIN OUR TELEGRAM DISCUSSION

Your email address will not be published. Required fields are marked *