About 1,500 iOS apps have an HTTPS vulnerability leaving them open to attack, according to analytics service SourceDNA. The flaw stems from a weakness in version 2.5.1 of AFNetworking, an open-source code which provides networking capabilities for apps. Apps containing the code may not properly validate SSL certificates, leaving users of apps like Movies by Flixster with Rotten Tomatoes and Citrix OpenVoice Audio Conferencing vulnerable to spying over public Wi-Fi networks. AFNetworking has updated version 2.5.2 to fix the issue and companies like Yahoo, Microsoft and Uber have already issued fixes for affected apps. The full list of vulnerable apps still using version 2.5.1 has been kept private, but SourceDNA provides a search tool allowing users to see which of their apps might be affected. [via Ars Technica]
Latest News
- The OMOTON TKL Mechanical Gaming Keyboard is 50% Off
- Apple aims to convert users with new ‘Why Mac’ page
- iPadOS updates over 5G supported for the 2021 iPad Pro
- PlayStation DualSense appears on Apple online store
- Upgrade to a Smart Speaker with the Belkin SoundForm Elite, now 33% off
- Spotify introduces offline playback for Apple Watch
- iPhones dominate the global smartphone market in Q2
- App age rating for contest and gambling apps updated
- MacPilot lifetime license is 59% off
- Grab an 11-inch iPad Pro 128GB Wi-Fi model at $104 off