Last week, Apple announced that it intends to follow the iOS 7.0.6 update to release a patch to close vulnerabilities in the operating system OS X, related to incorrect handling SSL.
February 22 published a security update for iOS 7.0.6 iPhone 4 and later , iPod touch 5th generation and iPad 2 + . Simultaneously, a similar patch released iOS 6.1.6 for iPhone 3GS and iPod touch 4G. Update closes a vulnerability CVE- 2014-1266 , which allows an attacker from the ” privileged position in the network ” to intercept and modify the packets in sessions protected by SSL / TLS. It is about MiTM- spoofing attack traffic.
Hacker group Evad3rs strongly recommended users to install jailbreak iOS 7.0.6. Especially for the new OS hackers hacking was released an update to Evasi0n7, intended for ” hacking ” devices running iOS 7. With Evasi0n7 1.0.6 can jailbreak iPhone, iPad and iPod touch running iOS 7.0.6.
Today, jailbreak became available with the unofficial patch for iOS 7.0-7.0.5. Ryan created Petritsch package allows you to close the vulnerability CVE- 2014 -1266 . In other words, now to correct the error in the verification of SSL- connections, not necessarily to install the update iOS 7.0.6 jailbreak and repeat the procedure – just download the package SSLPatch and reboot the device .
SSLPatch is in Ryan Petrich repository http://rpetri.ch/repo/. The patch can be downloaded for free.