Apple quietly pushes out iOS 7.0.6 and 6.1.6

Just one more reason why I don't like Apples closed off secretive operating system.  This vulnerability has been around for TWO major iterations of iOS. Apple really doesn't have a good track record with security which is rather scary considering their chant "WE ARE SAFE, THEY ARE NOT".

Apple has quietly pushed out iOS 7.0.6 and 6.1.6 -- small updates that addresses a hitherto unknown security issue with its mobile OS. According to the company's security notes, the previous versions of iOS was missing key SSL validation steps that kept Secure Transport from validating authentic connections, making it possible for "attackers with a privileged network position" to "capture or modify data in sessions protected by SSL/TLS." In other words, iOS devices were failing to protect themselves on shady networks, unbeknownst to the user.

So in short, any time an Apple device connected to a public wifi network it was putting the users security at risk. 

More here.