iOS 7.0.6

Μηνύματα
11.602
Reaction score
1.457
Είναι φρέσκο,φρέσκο και το βάζω στο iPhone subforum μιας και με το iPhone ξεκίνησαν όλα!:whistling:

Apple today released iOS 7.0.6 for iPhone, iPad, and iPod touch, a minor update that includes a fix for SSL connection verification. iOS 7.0.6, which carries a build number of 11b651, is available as an over-the-air-update and weighs in at 35.4MB on an iPhone 5s.



http://www.macrumors.com/2014/02/21/apple-ios-706/
 

gkontoletas

trouble in my brain
Μηνύματα
16.841
Reaction score
2.192
αρχίσαμε...

iOS 7.0.6
  • Data Security

    Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later

    Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

    Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

    CVE-ID

    CVE-2014-1266
http://support.apple.com/kb/HT6147
 

gkontoletas

trouble in my brain
Μηνύματα
16.841
Reaction score
2.192
Το κενό ασφαλείας που διορθώνει το iOS 7.0.6 είναι πολύ σοβαρό ενώ η αντιμετώπιση των χρηστών από την Apple είναι αστεία.... το ίδιο ακριβώς κενό ασφαλείας έχει πιθανότατα και το OS X

Update your Apple devices and systems as soon as possible to the latest available versions. Do not use untrusted networks (especially WiFi) while traveling, until you can update the devices from a trusted network. On unpatched mobile and laptop devices, set “Ask to Join Networks” setting to OFF, which will prevent them from showing prompts to connect to untrusted networks.
http://www.crowdstrike.com/blog/details-about-apple-ssl-vulnerability-and-ios-706-patch/index.html
 

xfader

Segregation supporter
Administrator
Μηνύματα
38.108
Reaction score
91.701
Το κενό ασφαλείας που διορθώνει το iOS 7.0.6 είναι πολύ σοβαρό ενώ η αντιμετώπιση των χρηστών από την Apple είναι αστεία.... το ίδιο ακριβώς κενό ασφαλείας έχει πιθανότατα και το OS X
Αν αργεί να βγάλει updates φωνάζεις. Όταν τα βγάζει, εγκαίρως ή μη, πάλι φωνάζεις. Αποφάσισε!
Ό,τι και να λες Windows Phone δεν πρόκειται να πάρουμε ποτέ!!! :p
 

gkontoletas

trouble in my brain
Μηνύματα
16.841
Reaction score
2.192
έχει και συνέχεια....

We have created a proof-of-concept "monitoring" app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.

Note that the demo exploits the latest 7.0.4 version of iOS system on a non-jailbroken iPhone 5s device successfully. We have verified that the same vulnerability also exists in iOS versions 7.0.5, 7.0.6 and 6.1.x. Based on the findings, potential attackers can either use phishing to mislead the victim to install a malicious/vulnerable app or exploit another remote vulnerability of some app, and then conduct background monitoring.
http://www.fireeye.com/blog/technic...ailbroken-ios-7-devices-and-a-mitigation.html
 



Staff online

ΣΤΑΤΙΣΤΙΚΑ

Threads
173.892
Μηνύματα
2.955.173
Members
38.255
Νεότερο μέλος
konfan
Top