IOS Emergency Security Update
Thursday, February 27, 2014
This week, Apple released iOS 7.0.6, to fix a SSL connection verification flaw. The same SSL fix was also released for iOS 6 devices and the Apple TV devices. This update should be applied to all IOS devices as soon as possible including the IPhone 4 and newer, IPad's and Apple TV's.
Nicknamed gotofail, the flaw has been present since the release of IOS 6, and it still hasn't been patched in OS X.
Until now, iOS devices using the internet over a SSL connection have been vulnerable to hackers intercepting their data, or "man-in-the-middle" attacks. The bug allows for secure web traffic to be hijacked by someone else on the same network. It's relatively easy to do for anyone with knowledge of the flaw.
Gotofail flaw is limited to Apple's apps and services, like Safari and Messages, so third-party browsers like Chrome should be fine. Any application that uses safari to bring information to your device, such as banking applications, will be vulnerable till the update is applied. If you are using an effected device please update to the latest operating system by going to settings, general, then software update.
For information about the update please visit Apple's update page at: http://support.apple.com/kb/HT6147?viewlocale=en_US&
If you have any questions feel free to contact us at 717-737-8848.