Security research group Cryptopath has discovered a vulnerability in the way the iPhone OS handles authentication certificates that could enable potential attackers to gain access to user data. To take advantage of this flaw, an attacker would have to trick users into downloading a malicious file under the guise of a legitimate update. While there are no reports of this security flaw currently being exploited in the wild, be extra careful when opening unverified links or files until an official security update is released.
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 32 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.