Apple's iPhone, one of the devices running the IOS platform
(WEB HOST INDUSTRY REVIEW) — According to several reports issued Friday, consumer electronics giant Apple (www.apple.com) issued version 4.3.2 of its IOS software, the platform that powers its iPhone and iPad devices this week, a patch that includes measures to address last month’s Comodo SSL breach.
In March, two Comodo resellers were compromised by a hacker in an attack that led to the issuing of several rogue certificates for well-known communications services. All the major browser developers issued updates that marked those certificates as invalid.
“Several fraudulent SSL certificates were issued by a Comodo affiliate registration authority,” says the note accompanying the update on the Apple support site. “This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue is addressed by blacklisting the fraudulent certificates.”
The Safari browser in IOS, however, is baked into the operating system, necessitating the OS update. According to reports, Apple also issued a patch for Mac OS X users.
The company issued two updates to the Webkit rendering engine for Safari, which would stop hackers from running code were a user to visit a malicious website. It also patched a hole in the libxslt library and updated Quicklook, which will prevent compromised Microsoft Office files from executing malicious code as well.
Along with the security patches were several bug fixes for 3G connectivity and applications running on IOS devices, including the Facetime video chat tool.
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
