Burn Media Sites

The Great Smartphone Showdown: A Decade of Samsung vs. Apple

In the fast-paced world of smartphones, a fierce rivalry has shaped the industry for over a decade. On one side, Apple, the epitome of…

Samsung Brings Irregular Heart Rhythm Notification and Sleep Apnea Features to Galaxy Watch in South Africa

Samsung Electronics recently announced that two health feature updates on its Galaxy Watch line-up are now available for the South African market. The Irregular…

How Lyra and Courtne Marland are shaping communication with AI

With businesses the world over wondering how to incorporate AI into their operations, a ground-breaking young South African entrepreneur has built a game-changing AI-based…

Is the HONOR X9C the Right Smartphone for Startups and Entrepreneurs?

Entrepreneurs need a smartphone that can keep up with a demanding, fast-paced lifestyle. The HONOR X9C has been making waves for its ultra-durable build,…

ALX South Africa Expands Digital Training as PYEI Report Highlights Youth Job Growth

Bridging the Digital Skills Divide Following the release of the Presidential Youth Employment Intervention (PYEI) Q3 Report, which revealed over 53,379 new earning opportunities,…

How Lyra and Courtne Marland are shaping communication with AI

With businesses the world over wondering how to incorporate AI into their operations, a ground-breaking young South African entrepreneur has built a game-changing AI-based…

Microsoft launches new Surface devices in new AI era

Microsoft today announced the general availability of the all-new Surface Pro and the all-new Surface Laptop to empower users in South Africa to unlock…

Honor Magic V3 launches, four things to know

Honor introduced its latest foldable device, the Honor Magic V3, at IFA in Berlin. It is expected to be available in the South African…

Honor Magic V3, a Guinness world record attempt

Guinness World Record holder Bryan Berg, alongside Honor, will attempt to build the tallest house of cards in eight hours without using any glue….

Golf 8.5 update with lots of Life

Golf 8.5 and VW’s MQB Evo mechanical engineering. It won’t mean much to anyone who isn’t an automotive technical strategist, but it’s what made…

Tariffs trump US new car affordability needs

Tariffs shadow the global automotive market – pervasive, present, but often not spoken of. The unintended consequences can be enormous when tariffs are escalated…

GS3 Emzoom R Style review

GS3 Emzoom. It is another of the new Chinese models that continue to add diversity of choice for local buyers. In a market where…

Continue in 10 seconds

Skip

Apple • 1 Aug 2011

Apple bangs out another bug fix

By Roger Hislop

Read nextNintendo’s surprise sticker slash

Apple has released a security update for the iPad, iPhone and iPod Touch. The update is designed to fix a problem with certificates for encrypted sites that could allow an attacker to modify or intercept data. The bugfix is released as an update to iOS with version 4.3.5 – updates done via iTunes as usual.

This update comes just days after Apple released a patch for a PDF vulnerability.

The details from Apple are fairly opaque, but an analysis by Trustwave’s SpiderLabs suggests that a flaw in iOS does not check the validity chain of certificates, which potentially allows an attacker to use an existing valid certificate to sign a new one for any domain. This could enable a man-in-the-middle attack.

For you jailbreakerati, according to reports tools such as Redsn0w still work.

Have at it, you lot. You know what to do.

Details:

Models affected:
• iPhone 4 (GSM model)
• iPhone 3GS
• iPad and iPad 2
• iPod touch (3rd and 4th generation)

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.

Roger Hislop

Roger is a tech fan that is hot, hot, hot for well designed, clever, beautiful things that make our lives a little bit more amazing. He spends a lot of time geeking out in a house littered with bits of cable and electronics. He owns his own oscilloscope ferchrissakes. He was in tech PR for twelve years, so can spot flimsy claims and weasel words from gadget manufacturers at 1,000 paces. He amuses himself writing about gadgets, bikes and cars for a couple of mags.

Nintendo’s surprise sticker slash

Consoles • 1 Aug 2011

We use cookies

To improve your experience, deliver personalised content and advertising. Find out more by reading our cookie policy.

Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

By signing up for this email you agree to receive the latest info from Burnmedia Group.

Learn more via our Privacy Policy.

The Great Smartphone Showdown: A Decade of Samsung vs. Apple

Samsung Brings Irregular Heart Rhythm Notification and Sleep Apnea Features to Galaxy Watch in South Africa

How Lyra and Courtne Marland are shaping communication with AI

Is the HONOR X9C the Right Smartphone for Startups and Entrepreneurs?

ALX South Africa Expands Digital Training as PYEI Report Highlights Youth Job Growth

How Lyra and Courtne Marland are shaping communication with AI

Microsoft launches new Surface devices in new AI era

Honor Magic V3 launches, four things to know

Honor Magic V3, a Guinness world record attempt

Golf 8.5 update with lots of Life

Tariffs trump US new car affordability needs

GS3 Emzoom R Style review

Apple bangs out another bug fix

Roger Hislop

News

Microsoft launches new Surface devices in new AI era

Honor Magic V3 launches, four things to know

Honor Magic V3, a Guinness world record attempt

Huawei Women in Tech program gives women an edge

We use cookies

Welcome to Memeburn