dcsimg
July 15, 2018
Hot Topics:

Security Researchers Say 25,000 iOS Apps Contain Security Vulnerability

  • April 27, 2015
  • By Developer.com Staff

According to researchers at SourceDNA, 25,000 iOS apps are vulnerable to man-in-the-middle attacks thanks to a bug in AFNetworking SSL code. An earlier-discovered vulnerability in AFNetworking 2.5.1 left 1,500 apps open to attack. SourceDNA says, "A few weeks ago, we found that version 2.5.2 did fix this issue, but there was another flaw nearby in the same code."

The company offered the following advice to mobile development firms relying on AFNetworking SSL encryption: "If you are using AFNetworking (any version) you must upgrade to 2.5.3. Also, you should enable public key or certificate-based pinning as an extra defense. Neither of these game-over SSL bugs affected apps using pinning."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date