Thursday, November 14, 2013

iOS 7.0.4 Security Update

--


Apple has released the iOS 7.0.4 update. As with the previous three iOS 7 updates, this one patches a critical security hole. This update specifically patches the App Store app:
APPLE-SA-2013-11-14-1 iOS 7.0.4
iOS 7.0.4 is now available and addresses the following:

App Store 
Available for:  iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later.

Impact: App and In-App purchases may be completed with insufficient authorization.

Description:  A signed-in user may be able to complete a transaction without providing a password when prompted. This issue was addressed by additional enforcement of purchase authorization.

CVE-ID
CVE-2013-5193
IOW: Sounds like another kids-gone-wild-buying-stuff flaw in iOS. I'm glad that's locked again!

:-Derek



No comments:

Post a Comment