HTTPS vulnerability found in at least 1500 iOS apps
Even though Apple’s App Store certification process is a developer’s worse nightmare, it has done a great job in keeping iOS free from many of the emerging malware trends of the last few years. Sadly that particular topic changes every day, so there’s no guarantee that your device is completely safe from any sort of hack, and today we learn of another one.
An HTTPS vulnerability bug was discovered back in February that affects version 2.5.1 of AFNetwork, a popular networking library used for iOS and OS X apps. This bug allows attackers to access sensitive and private information through device applications. At the time, nearly 1000 apps were detected with the bug, including popular titles from Microsoft, Yahoo, Flixter, Citrix, and Uber. A second scan was conducted recently, and even though the popular titles are already fixed with an update to version 2.5.2 of AFNetwork, a surprising 1500 apps are now on the list from other developers.
To learn more about which apps are affected, hit the source link. This is not necessarily a reason to panic, but definitely something that doesn’t hurt verifying.