iOS 7.1.1 Adds Touch ID Improvements And Fixes SSL Vulnerability

Apple has issued a new version of iOS to compatible iPhone and iPad devices, bringing a number of improvements and security fixes to the mobile operating system, including an SSL vulnerability not connected to the recently revealed Heartbleed bug.

Secure Transport has been fixed to prevent an attacker with a “privileged network position” from capturing data or changing the operations performed in sessions protected by SSL.

iOS 7.1.1 security

“In a ‘triple handshake’ attack, it was possible for an attacker to establish two connections which had the same encryption keys and handshake, insert the attacker’s data in one connection, and renegotiate so that the connections may be forwarded to each other,” says Apple. “To prevent attacks based on this scenario, Secure Transport was changed so that, by default, a renegotiation must present the same server certificate as was presented in the original connection.”

Other security fixes are offered for vulnerabilities in the IOKit Kernel and CFNetwork HTTP Protocol, along with one for Webkit which prevents a malicious website from terminating an application due to memory corruption issues.

The other headline improvement to iOS 7.1.1 is the improved functionality to the Touch ID fingerprint sensor on the iPhone 5S, which was a major focus of the last iOS update amid claims that the sensor becomes less responsive after repeated use.

The new version also fixes a big that could impact keyboard responsiveness and another that affects the use of Bluetooth keyboards when VoiceOver functionality is enabled.

iOS 7.1.1 is available as an over-the-air (OTA) update for the iPhone 4, 4S, 5, 5C and 5S, iPad 2 or later and fifth-generation iPod Touch or later.

How much do you know about the iPhone? Take our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

10 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

13 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

14 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

15 hours ago