Friday 2/21/2014, Apple released security update iOS 7.0.6 for its iPhone, iPad and iPod devices to fix a vulnerability which allowed an attacker to capture and modify secure web traffic from the devices. Yeah, not good.
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.
The update is available from your device via Settings –> General –> Software Update on iPhone 4 and later, iPod Touch (5th Gen) and iPad 2 or later. Apple also released iOS 6.1.6 for the iPhone 3GS and iPod touch (4th Gen) devices. So if you still have a device make sure to get it updated as well.
So… are you updated yet?
It’s also worth noting that Apple sill hasn’t fixed the SSL security hole in OS X. But check out our article: How to Protect Yourself from the SSL Security Hole in OS X.