Recently, Apple released an update for all the iOS devices running iOS7 including iPhone, iPad, and iPod touch. The update iOS 7.0.6 is a minor update that includes a fix for SSL connection verification. The update was released as the iOS7 device users were facing severe security concerns.
Reports revealed that, a major flaw was discovered which would allow hacker with a privileged network position to capture or modify data in sessions that was protected by SSL/TLS. Our friend @Mrinmoy Swarnakar informed us about the attack reports. If we consider a case where a user is using an unsecured wireless service offered by a restaurant, and attackers have access to the network, then they could see and modify the data exchanges between user and bank sites where financial data is exchanged or social networking sites like Facebook, Gmail etc.
After company recognized the flaw, the update iOS 7.0.6 was released for the devices running iOS 7. The update is small in size and the size depends on the device being used. Apple also released a minor upgrade iOS 6.1.6 for the iPhone 3GS and fourth-generation iPod touch.
Several security researchers said that the same flaw existed in current versions of Mac OSX, running on Apple laptop and desktop computers. Presently, there is no update patch for that, though one is expected soon.