iOS 4.3.2 Protects Your iGadget Against Rogue SSL Certificates

Apple released yet another update to iOS this week. iOS 4.3.2 is the second incremental update for iOS in a matter of weeks following the launch of iOS 4.3. Like any incremental update, iOS 4.3.2. contains its share of minor tweaks and fixes, but iOS 4.3.2 is also important for the security of your iPhone or iPad.

Similar Articles:

Most of the attention around iOS 4.3.2 has revolved around fixes to FaceTime video chat and 3G connectivity. There have been reported issues with FaceTime chat freezing up, and users--particularly in Europe--have complained about not being able to connect to 3G networks from the iPad tablet. iOS 4.3.2 addresses both of those problems.

Behind the curtain, though, iOS 4.3.2 also contains a variety of security updates--the most crucial being a blacklist of the rogue Comodo SSL certificates. The Apple Support site explains, "Several fraudulent SSL certificates were issued by a Comodo affiliate registration authority. This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue is addressed by blacklisting the fraudulent certificates."

In layman's terms, your iPhone, iPod Touch, or iPad rely on SSL certificates to verify the authenticity of the Websites you visit from the mobile device, and provide a secure, encrypted connection. Using a rogue SSL certificate from the Comodo breach, an attacker could create a malicious site that spoofs a legitimate Website and expose your sensitive information and allow the attacker to capture crucial data like your username, password, or account details.

iOS 4.3.2 also addresses some other security concerns. Apple fixes two different vulnerabilities with WebKit that could be exploited to cause unexpected app termination, or allow the attacker to run malicious code on the device. In addition, iOS 4.3.2 fixes a flaw in QuickLook that could allow similar malicious activity by an attacker when viewing a Microsoft Office file.

Obviously, if you have been having issues with FaceTime or 3G connectivity you will want to apply this update. But, if you aren't experiencing those problems and you think that you don't need this gargantuan 600MB-plus update from Apple, think again. The security updates are crucial, and you want them on your iPhone or iPad.

Read more like this: iphone 4, apple ipad, ios, malware, wireless security

You can follow Tony on his Facebook page, his Google+ profile, or contact him by email at tony_bradley@pcworld.com. He also tweets as @TheTonyBradley.

Comments

Master Windows 7!

Our expert guide will help you get the most out of Windows 7.

Get the Superguide now!

Business News Daily

Get the latest technology news that's important to you and your business, fresh seven days a week.

Best Prices on Antivirus Software

Endpoint Protection v.12.0 Small Business Edition (Full Product, 10 Users) $119.58 and up See All Prices
Norton Antivirus 2012 (Full Product, 3 PCs) $21.00 and up See All Prices
Total Protection 2012 (Full Product, 3 Users) $21.99 and up See All Prices
Antivirus with Spy Sweeper $16.00 and up See All Prices

See all Best Prices on Antivirus Software »

See also: Best Prices on Security Software

Latest in Business Center Blogs

Linux Line - May 30, 2012 10:35 AM
LibreOffice Gets a Huge Speed Boost Version 3.5.4 of the popular free productivity suite offers performance gains of as much as 100 percent.
Simply Business - May 30, 2012 10:04 AM
Free Ebook Teaches You to Ace Every Presentation For a limited time, Amazon is offering this $26.99 Kindle book free of charge.
Linux Line - May 29, 2012 4:01 PM
Fedora Linux 17 'Beefy Miracle' Makes Its Official Debut Offering more than 60 new features, this free new OS has much to offer business users.
Security Alert - May 29, 2012 5:39 AM
'Flame': Lethal Cyberweapon or Media Hype? 'Flame' is a sophisticated malware attack, but one vendor takes issue with the hyperbole over the threat and calls it "2007 era technology."
Net Work - May 28, 2012 10:33 AM
Should Facebook Make a Smartphone? The rumors that Facebook is developing its own smartphone platform and/or hardware continue to persist. If true, it's a gamble that could have a significant impact on the social network.
Linux Line - May 27, 2012 7:11 AM
Microsoft Delivers a Blow to Open Source with Visual Studio 11 Focusing exclusively on Metro, the free, Express version of this software will no longer offer support for desktop-style applications.