Just after a couple of days, after releasing the iOS 5 beta 4 version for the iOS developers, Apple has just released the new iOS 4.3.5 version for iOS devices. It’s available now on iTunes, just plug in your device and hit update to get the new software. The updated firmware version iOS 4.3.5 address a security issue related to PDF support. According to Apple, the iOS 4.3.5 “fixes a security vulnerability with certificate validation.” Note that this update is for GSM phones only and does not apply to the Verizon iPhone. Apple has also released an update firmware version iOS 4.2.10 for Verizon branded CDMA iPhone 4. So, this is just a minor update from Apple, but still it’s a notable update regarding the potential security issues. The devices compatible with this software update are: iPhone 4 (GSM model); iPhone 3GS, iPad, iPad 2 (Wi-Fi), iPad 2 (GSM), iPad 2 (CDMA), iPod touch (4th generation); iPod touch (3rd generation).
Download Apple iOS 4.3.5
# iPhone 4 (GSM).
# iPad (Wi-Fi).
# iPad 2 (Wi-Fi).
# iPad 2 (3G + GSM).
# iPad 2 (CDMA Verizon).
# iPhone 3GS.
# iPod touch 3rd Gen.
# iPod touch 4th Gen.
Download Apple iOS 4.2.10
# iOS 4.2.10 for Verizon iPhone 4.
You can also download the iOS 4.3.5 from Apple’s servers by plugging your iPhone, iPod touch, or iPad into your computer running iTunes on either Mac or Windows machines.
Apple has provided further information about the vulnerability fixed on its support site:
“Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.”