Security flaw leaves about 1,500 iOS apps vulnerable to attack | iLounge News

News

Security flaw leaves about 1,500 iOS apps vulnerable to attack

About 1,500 iOS apps have an HTTPS vulnerability leaving them open to attack, according to analytics service SourceDNA. The flaw stems from a weakness in version 2.5.1 of AFNetworking, an open-source code which provides networking capabilities for apps. Apps containing the code may not properly validate SSL certificates, leaving users of apps like Movies by Flixster with Rotten Tomatoes and Citrix OpenVoice Audio Conferencing vulnerable to spying over public Wi-Fi networks. AFNetworking has updated version 2.5.2 to fix the issue and companies like Yahoo, Microsoft and Uber have already issued fixes for affected apps. The full list of vulnerable apps still using version 2.5.1 has been kept private, but SourceDNA provides a search tool allowing users to see which of their apps might be affected. [via Ars Technica]

Comments

Related Stories

Subscribe to iLounge Weekly

Sign up for the iLounge Weekly Newsletter

iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond.
iPod, iPhone, iPad, iTunes, Apple TV, Mac, and the Apple logo are trademarks of Apple Inc.
iLounge is © 2001 - 2018 iLounge, Inc. All Rights Reserved. Terms of Use | Privacy Policy