Apple bangs out another bug fix

Apple has released a security update for the iPad, iPhone and iPod Touch. The update is designed to fix a problem with certificates for encrypted sites that could allow an attacker to modify or intercept data. The bug fix is released as iOS version 4.3.5, and updates are done via iTunes as usual.

This update comes just days after Apple released a patch for a PDF vulnerability.

The details from Apple are fairly opaque, but an analysis by Trustwave’s SpiderLabs suggests that iOS does not check the validity of the certificate chain, which potentially allows an attacker to use an existing valid certificate to sign a new one for any domain. This could enable a man-in-the-middle attack.

For you jailbreakerati: according to reports, tools such as Redsn0w still work.

Have at it, you lot. You know what to do.

Details:

Models affected:
• iPhone 4 (GSM model)
• iPhone 3GS
• iPad and iPad 2
• iPod touch (3rd and 4th generation)

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.
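The chain check that SpiderLabs and Apple describe can be exercised with a small test PKI. The script below is an added example, not code from Apple, Trustwave or this article. It assumes the missing check is the CA flag in the basicConstraints extension, a detail the article does not spell out, and every name, key and file in it is constructed test data. It needs the `openssl` command-line tool.

```shell
# Added example. Every name, key and file here is constructed throwaway test data.

# Build: root CA -> leaf (CA:FALSE) -> a second cert issued with the leaf's key.
build_test_pki() {  # $1 = empty working directory
    d=$1
    cat > "$d/x.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = unused
[ca]
basicConstraints = critical,CA:TRUE
[leaf]
basicConstraints = critical,CA:FALSE
EOF
    new_csr() {  # $1 = file stem, $2 = common name
        openssl req -new -config "$d/x.cnf" -newkey rsa:2048 -nodes \
            -subj "/CN=$2" -keyout "$d/$1.key" -out "$d/$1.csr"
    }
    sign() {  # $1 = issuer stem, $2 = subject stem (always issued as CA:FALSE)
        openssl x509 -req -in "$d/$2.csr" -CA "$d/$1.pem" -CAkey "$d/$1.key" \
            -CAcreateserial -days 1 -extfile "$d/x.cnf" -extensions leaf \
            -out "$d/$2.pem"
    }
    openssl req -x509 -config "$d/x.cnf" -extensions ca -newkey rsa:2048 -nodes \
        -days 1 -subj "/CN=Constructed Test Root" \
        -keyout "$d/root.key" -out "$d/root.pem" &&
    new_csr leaf site-a.example && sign root leaf &&
    new_csr other site-b.example && sign leaf other
} >/dev/null 2>&1

# Verify $2 against the test root, offering leaf.pem as an untrusted intermediate.
chain_verdict() {  # $1 = working directory, $2 = certificate file
    if openssl verify -CAfile "$1/root.pem" -untrusted "$1/leaf.pem" "$1/$2" 2>&1 |
        grep -q ': OK$'; then
        echo accepted
    else
        echo rejected
    fi
}

work=$(mktemp -d) && build_test_pki "$work" && {
    echo "site-a.example, issued by the root: $(chain_verdict "$work" leaf.pem)"
    echo "site-b.example, issued by the leaf: $(chain_verdict "$work" other.pem)"
}
rm -rf "$work"
```

A validator that checks the chain correctly reports `accepted` for the first certificate and `rejected` for the second, because the issuing certificate is not marked as a CA.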

Roger Hislop