Late last week, Apple confirmed the existence of a security flaw that could leave iPads, iPhones, and iPod Touches open to the prying eyes of hackers. As one tech expert opined in an interview with Reuters, the whole thing was "as bad as you could imagine."
Now Apple has published a fix, in the form of iOS 7.0.6, a software update that should shore up the defenses of your mobile device. If you've got your tablet/smart phone/media player set up to automatically download new Apple software, there's a chance that you're already updated. If not, navigate to Settings > General > Software update, and tap the "download and install" bar at the bottom of the screen.
The security flaw involves the authentication process, which could allow hackers to completely bypass the usual steps to verification, assuming they were operating on the same unprotected Wi-Fi network as their target. (Think: Starbucks, or the free Wi-Fi at the airport.)
"This enables an adversary to masquerade as coming from a trusted remote endpoint, such as your favorite webmail provider and perform full interception of encrypted traffic between you and the destination server, as well as give them a capability to modify the data in flight (such as deliver exploits to take control of your system)," notes Alex Radocea, an engineer at security company CrowdStrike. In other words: Chaos.
Worse yet is the news that the same security flaw afflicting iOS may also be afflicting Apple computers running OS X 10.9.0 and 10.9.1, meaning – as Ars Technica points out – that the operating system "has silently exposed the sensitive communications of millions of people for weeks or months." Apple is reportedly working on a fix.