Barely ten days after the release of iOS 4.3.4, Apple has cranked out another rapid-fire update, the iOS 4.3.5. This update appears to be a minor one that fixes a security vulnerability and comes quickly after the 4.3.4 update, which addressed a similar security flaw used to jailbreak iDevices.
Apple introduces the iOS 4.3.5 software update
Apple, via its official website has provided further information about the software update.
“Available for: iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM), iOS 3.1 through 4.3.4 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.4 for iPad.
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS.
Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.”
In other words, hackers on the same network can store or change traffic that would otherwise be rather intensely encrypted. iPhone, iPad and iPod touch users can simply plug into iTunes to obtain the update. Whilst all these updates are bit on the minor side, most users are awaiting the iOS 5, which includes the pull down notification bar, Twitter integration, iCloud, iMessage and more.