The big news about iOS 8.1, released today, isand a few less-notable features. But there are some new security updates.
It's only about a month since iOS 8.0 was releasedin 7.1, so not much is likely to have crept up in the meantime.
iOS 8.1 fixes five vulnerabilities in version 8.0. One of them is in SSL version 3, already .
Other bugs fixed in this update:
- If an iOS device had already been paired with a Bluetooth accessory of a certain type, then an attacker could spoof the accessory and establish an unencrypted connection with the iOS device.
- Sometimes files written to an app's Documents directory were encrypted with a weak key.
- An attacker on the same network segment could force iCloud data access clients to leak sensitive information.
- QuickType, the new software keyboard in iOS 8, could learn user credentials.
Apple also released Apple TV 7.0.1 today, fixing two vulnerabilities. One of these is the POODLE bug and the other is the Bluetooth pairing bug described above for iOS.