About a month after the introduction of iOS 7.1, Apple has released an updated version of the mobile operating system, which includes a number of security fixes.
Released Tuesday, iOS 7.1.1 brings fixes for a total of 19 bugs affecting iPhone, iPad and iPod Touch users. While the majority of the patches remediated memory corruption vulnerabilities (16 in total) in open-source browser engine Webkit, one iOS fix addressed a critical bug (CVE-2014-1295), which could allow a bypass of encryption safeguards so that user data is exposed.
The security issue, which could lead to exploit via “triple handshake” attacks, was also present in Apple's Mountain Lion and Mavericks operating systems, prior to Mac OS X update shipped Tuesday.
In a security advisory, Apple said that the bypass could be successfully carried out by an intruder with a privileged network position.