Only ten days after releasing iOS 4.3.4, Apple has just pushed out iOS 4.3.5 to address a security issue with certificate validation.
iOS 4.3.5 Software UpdateThe new version checks in as Build 8L1, and is for the GSM iPhone 4, iPhone 3GS, all iPads, and the third- and-fourth-generation iPod touch. A separate iOS 4.2.10 (Build 8E600) is available for the CDMA iPhone.
Fixes a security vulnerability with certificate validation.
Direct download links:
- iPhone 4 GSM
- iPhone 4 CDMA (iOS 4.2.10)
- iPhone 3GS
- iPad 2 Wi-Fi
- iPad 2 GSM
- iPad 2 CDMA
- Original iPad
- iPod touch (fourth-generation)
- iPod touch (third-generation)
Update: Some users are reporting receiving errors when attempting to connect to Apple's servers for the update, but with repeated attempts it seems as though users are able to get through.
Update 2: Apple has now posted a support document describing the security issue patched in the update. The issue has been given an identifier of CVE-2011-0228.
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.
Recent Mac and iOS Blog Stories
• Apple Signs Deal for 23,000 Square-Foot Grand Central Terminal Store [Update: Rendering]
• Making Lion Act More Like Snow Leopard
• Nuance Debuts Dragon Dictate for Mac 2.5
• iTunes App Store Extends to 33 Additional Countries
• Steve Jobs Has No Problem Telling You What He Thinks
microsoft app store new imac news about apple macintosh consulting
No comments:
Post a Comment