A support document about the update notes that a validation problem with Secure Transport could potentially allow attackers “with a privileged network position to capture or modify data in sessions protected by SSL/TLS.” We’ve reached to Apple for more information, but in the meantime, you should assume that the issue is as serious as it sounds.
Apple also released an Apple TV update and iOS 6.1.6 today to address the same issue. You can find the iOS updates in iTunes or in the device’s settings pane. The Apple TV update can be found under Settings > General > Update Software.
Since SSL is often used to transfer sensitive data like payment information, personal details and logins, any potential compromise to the authentication process is a critical vulnerability.
Image credit: pauliewoll / Flickr
Pssst, hey you!
Do you want to get the sassiest daily tech newsletter every day, in your inbox, for FREE? Of course you do: sign up for Big Spam here.