While we eagerly anticipate the arrival of iOS 5, it looks like Apple is still hard at work fixing problems found in the current version of the operating system. Not long after it released iOS 4.3.4 which fixed the PDF vulnerability, the company has just pushed out a new update to iOS 4 users, bringing the OS up to version 4.3.5 (4.2.10 for Verizon devices).
This time it fixes another security issue but this time it’s a flaw that’s related to certificate validation instead. According to the release notes, “An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.”
It sounds like the fix prevents security issues like eavesdropping or the tampering of communication over a secure connection. It doesn’t seem like the sort of activity that is widespread or happens too often but hey – you can never be too safe. Plug your iOS device into your computer and run iTunes to update it.