As a result, "it is clearly critical that all users update as soon as possible, unless they only use their device for telephone calls," said Chester Wisniewski, a senior security advisor at Sophos Canada, in a blog post.
"This patch should be applied immediately if you log in to any service on your device, especially things like your bank or PayPal. Users are particularly vulnerable to this attack if they frequently use public/open Wi-Fi," he said.
According to Apple's related security advisory, released on Monday, "an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS." With the fix, Apple said that "this issue is addressed through improved validation of X.509 certificate chains," referring to the public key infrastructure standard, which is used to verify a user's identity when using SSL, via digital certificates.
The bug was discovered by Gregor Kopf of Recurity Labs, while conducting research for the German Federal Office for Information Security (BSI), as well as Paul Kehrer, who's part of Trustwave's SpiderLabs.
On Tuesday, Kopf released more complete details about the bug, highlighting that the flaw arose from the failure of iOS to verify a digital certificate's "Basic Constraints," to verify digital certificate origin. That revelation led developer Moxie Marlinspike to update his free sslsniff tool with a fingerprint that allows it to detect vulnerable iOS clients to attack. Using the tool makes it quite easy to automatically intercept iOS SSL/TLS connections.
Marlinspike's updating of the tool is interesting, because the iOS vulnerability involves the same Basic Constraints bug that first led him to create the tool, nine years ago. "The vulnerability was that, back then, nobody really validated certificate chains correctly," he said on his website. "Webkit browsers, as well as the Microsoft CryptoAPI (and by extension Internet Explorer, Outlook, etc. ...), validated all the signatures in a certificate chain, but failed to check whether the intermediate certificates had a valid CA BasicConstraints extension set."
"In other words, if you bought a valid certificate for your website, what you got was the equivalent of a CA certificate. You could use it to create a valid signature for any other website, and--naturally--intercept SSL traffic," he said. Now, Apple appears to have fallen into the same trap, thanks to its use of WebKit, the open source browser engine that powers Safari.
To check if your iOS device is vulnerable, Recurity Labs created a website that tests for the vulnerability. According to a blog post from Kopf, "if the Safari browser on your iDevice allows you to visit this site without issuing a warning, your device is vulnerable." A patch can be applied via iTunes.
Unfortunately, users of older iOS devices are out of luck, as Apple's patch only works on relatively recent devices. "If you are using an iPod Touch generation one or two, or an iPhone older than the 3GS, you will be perpetually vulnerable," said Wisniewski. "Owners of these devices should not use them for any purpose for which security or privacy is required."
Read our report on how to guard your systems from a SQL attack. Download the report now. (Free registration required.)