Millions of Iphones and iPads at Risk as Apple Rushes Security Update

Man in the Middle Attack
Share the knowledge

Apple has released a critical security update for iPhone and iPad iOS 7 and iOS 6. This urgent update is to fix the critical security vulnerability that exposes your data (including usernames, passwords, and other account credentials at nearly any website or service) to a “Man in the Middle” (MitM) attack.

[Note: If your iPhone is jailbroken, please see our article How to Install the Apple Security Update on Jailbroken Phones.]

A Man in the Middle attack, as the name suggests, allows a hacker to put themselves in the middle, and to intercept your data.

Moreover, a hacker or criminal could spoof being one of your otherwise trusted websites, stealing your data, and even installing malicious software (such as a keylogger that reports back to them) on your device.

Man in the Middle Attack
Photo Credit: Martial Régereau / CC-BY-SA-3.0

The reason that millions of iOS devices are at risk right now for a Man in the Middle attack is that, with the latest version of iOS, Apple inadvertantly left out verifying that the host to whom your device is connecting over the SSL connection is an authorized, verified host. (SSL stands for Secure Sockets Layer.) SSL is the thing which confirms that your connection is secure, and which displays the lock symbol at secure websites:

Get New Internet Patrol Articles by Email!

(Unobtrusive plea for financial support by tipping us.)

 

SSL secure socket layer

Only, with the security flaw in iOS, you may think you are connecting to a secure site, securely, when, in fact, you’re not.

So, what should you do?

You should immediately, and we cannot emphasize this enough, update your iOS devices (also your OS devices, however Apple has not yet released the patch for OS!) with the security patch.

To do this, go to the Settings section of your iOS device (iPhone or iPad):

 

iphone settings icon

Select “General”:

iphone general settings

and select “Software Update”:

iphone software update settings

iphone security software update

Note: The Internet Patrol is completely free, and reader-supported. If something that you find here helps you, please consider supporting us. We also earn a small amount from ads and Amazon links:
Click for amount options


Share the knowledge

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.