Petronella Blog Archive

Visit our New Blog

Important Apple Updates

Blog Post

We recently reported on some very serious security flaws in iOS.  They were readily exploitable and would allow hackers access to all kinds of information on your iDevices.

The latest version of iOS, 8.4, fixes over 20 vulnerabilities.  Chief among the patches is one that secures iPhones and iPads from Logjam, which left iOS device encryption keys open to interception.  It affected popular protocols including HTTPS, SMPTS, SSH and TLS.  A hacker could downgrade security to 512-bit encryption by exploiting the Diffie-Hellman keys.  The problem was fixed in today's update by simply increasing the minimum allowed size for Diffie-Hellman ephemeral key to 768 bits.

The update also fixes issues with buffer overflow, certificate trust and memory corruption.  The OS X Yosemite update released for computers fixes the same issues along with a number of other vulnerabilities.

Since the update fixes problems with communications being intercepted and the ability for a hacker to take control of a device or computer, it's recommended that you apply the update as soon as possible.