Skip to main content

Apple updates iOS with certificate validation fix

Apple has released a second minor update to its iOS mobile operating system just ten days after the last security fix.

Although Apple plays its security cards close to its chest, the very fact that it has released an unannounced upgrade suggest that the security issue was critical.

The iPhone maker's security advisory says that unpatched devices could be vulnerable to an attacker with a privileged network position who may capture or modify data in sessions protected by SSL/TLS as well as other attacks involving X.509 certificate validation.

The update adds improved validation of X.509 certificate chains and is recommended for every iOS device including those as far back as the original iPhone still running iOS3.1.

One hit updates for your specific device are available through iTunes although those of you operating outside of Apple's walled garden might be happier here.