This article is more than 1 year old
Jesus Phone saved from being man-in-the-middled
Slab of Jobs to get backdoor stoppered also
Apple has released another security update for iPhones and fondleslabs less than a fortnight after a security fix intended to prevent the tightly controlled devices being jailbroken.
The latest update to iOS 4.3.5 tackles a digital certificate validation flaw that created a possible mechanism for man in the middle attacks on supposedly secure SSL-encrypted data exchanges. The update is available for iPhone 3GS and iPhone 4 (GSM), iPod Touch (3rd generation) and will soon be delivered to iPad fondleslabs, according to an advisory by Apple here.
The patch comes days before a planned talk on the issue by Nicholas Percoco and Paul Kehrer, both of Trustwave's SpiderLabs, at DefCon next week, entitled Getting SSLizzard.
Earlier this month. Apple patched a security bug involving font-handling in PDFs with version 4.3.4. The security flaws were exploited in the latest version of JailbreakMe days before. Security watchers warned at the time that the flaw might almost as easily be used to spread malware or run exploits as jailbreak devices. ®
Biting the hand that feeds IT
