Apple releases iOS 7.0.6 CVE-2014-1266
On Friday, Apple released iOS 7.0.6 to fix a major SSL security vulnerability where a hacker could initiate a man-in-the-middle (MITM) attack and intercept SSL communications between an iOS device and its endpoint communication with another device or website.
Updates are available:
- iOS 6.1.6 for iPhone 3GS and iPod touch 4th generation.
- iOS 7.0.6 for iPhone 4 and later, iPod touch 5th generation, and iPad 2 and later.
- Apple TV 6.0.2 for Apple TV 2nd generation and later.
According to Apple, an attacker with a privileged network position may capture or modify in sessions protected by SSL/TLS