The Hacker News Logo
Subscribe to Newsletter

Apple iOS 7.0.4 update released to patch Apple Store purchase vulnerability

Apple iOS 7.0.4 update released to patch Apple Store purchase vulnerability
Apple has released the latest version of its mobile platform i.e. iOS 7.0.4 includes bug fixes, security patches with some new features. The update is available for iPhone, iPad and iPod touch, identified as "build 11B554a."
Most importantly Apple has patched a critical security flaw that allowed to purchase stuff from the online Apple Store without having to tap in a valid password.

Vulnerability assigned as CVE-2013-5193, "A signed-in user may be able to complete a transaction without providing a password when prompted. This issue was addressed by additional enforcement of purchase authorization." Apple’s security bulletin says.

The patch restores the aforementioned authentication check and will allow app store transactions only  if the user will provide a valid password. The update also addressed an issue that would cause FaceTime calls to fail for some users.

Apple recommended users to update their devices immediately. iOS users can download and install the iOS 7.0.4 update through iTunes or through your device Settings (select General > Software Update).

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.