Apple has started offering iOS 7.0.6 to iPhone, iPod touch, and iPad customers in an attempt to patch a seemingly critical security flaw in the underlying software of its iDevices.In a terse note on its Support site Apple reveals that “This security update provides a fix for SSL connection verification.” iOS 7.0.6 is for iPhone 4 or later, iPad 2 or later, iPad mini or later, and iPod touch (5th generation).
In a separate KB article on its Support area Apple details the patch more thoroughly:
“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS […] Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.”
iOS 7.0.6 can be downloaded over the air (OTA) or through iTunes, when the customer connects his/her device and chooses to “check for updates.”