On February 21, Apple released a patch for iOS bringing iOS 7 and 6 to versions 7.06 and 6.16 (respectively), with little fanfare as to why the patch was issued. However, it now appears to have had more to it than a simple fix to SSL connections. The release notes mentioned a Secure Socket Layer (SSL) vulnerability for “an attacker with a privileged network,” meaning that a flaw in the SSL implementation could conceivably allow for a “man-in-the-middle” attack as uncovered by ZDNet.
The patch fixes a vulnerability that was keeping the system from doing SSL/TLS hostname checks, leaving communications unencrypted that were meant to be encrypted. The flaw could leave data such as passwords and personal information open to interception by someone on the same network that was using software to decode transmissions. In ZDNet’s report, “the vulnerability allows anyone with a certificate signed by a ‘trusted CA’ to do a man-in-the-middle (MITM) attack.” The flaw could very well be how the NSA claimed to be able to spy on iOS devices in the past, though there is no firm evidence of that — or of any significant use of the loophole — thus far.
Phil Plait of Slate has noted that the patch itself has also caused problems, and is said to have “bricked” several Apple devices for some users, including issues which he documented with his own iPad 2.
OS X has apparently also been open to a similar flaw, possibly for several months, perhaps even dating back to version 10.7. In a statement issued from Apple spokeswoman Trudy Muller to Reuters on Saturday she said that the company is “aware of this issue, and already have a software fix that will be released very soon.” No official date has been announced, though it should be noted that there have also been no reports of system compromises that can be tied to this bug thus far. In the meantime, users may wish to tread carefully in engaging in sensitive activities on public Wi-Fi networks with Macs until the update for OS X is released.
