Apple has released iOS 7.0.6, a minor update to the operating system that resolves a security issue. The issue revolved around SSL verification, though Apple hasn’t yet described exactly what was going wrong. Presumably, it was important enough to warrant releasing an update to fix it now rather than bundling it into iOS 7.1, a large update to iOS 7 that Apple has been beta testing for several months now. Many iPhone and iPad owners have been eagerly awaiting the larger update, which is reported to include a number of design improvements and a fix to the pesky bug that’s been causing devices to restart seemingly at random during use. That wait may not be much longer though: reports have pegged iOS 7.1’s release as sometime in March.
On a new security page, Apple has disclosed the basic details of the flaw fixed in iOS 7.0.6. It seems that in at least one prior version of iOS, a hacker may have been able to retrieve and alter data that should have been protected by encryption. Apple says that this happened because the operating system failed to validate the connection’s security. Given the explanation’s limited details, it’s hard to judge just how serious this vulnerability may have been. But even so, it appears that it could have been a quite damaging, suggesting Apple had good reason to release the update quickly.