In a statement provided to Reuters, Apple indeed confirmed findings that the same security flaw fixed with the latest iOS update is also present in OS X. Apple said that they expect to have a software update ready for release “very soon”.
“We are aware of this issue and already have a software fix that will be released very soon,” said Apple spokesperson Trudy Muller.
On Friday, Apple quietly pushed out iOS 7.0.6, with the accompanying release notes saying that the software “provides a fix for SSL connection verification.” A support document issued alongside the update read:
Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.
Last Updated on