Got a tip for us? Share it...

New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Releases iOS 4.3.5 to Address Security Issue With Certificate Validation


Only ten days after releasing iOS 4.3.4, Apple has just pushed out iOS 4.3.5 to address a security issue with certificate validation.
iOS 4.3.5 Software Update

Fixes a security vulnerability with certificate validation.
The new version checks in as Build 8L1, and is for the GSM iPhone 4, iPhone 3GS, all iPads, and the third- and-fourth-generation iPod touch. A separate iOS 4.2.10 (Build 8E600) is available for the CDMA iPhone.

Direct download links:
- iPhone 4 GSM
- iPhone 4 CDMA (iOS 4.2.10)
- iPhone 3GS
- iPad 2 Wi-Fi
- iPad 2 GSM
- iPad 2 CDMA
- Original iPad
- iPod touch (fourth-generation)
- iPod touch (third-generation)

Update: Some users are reporting receiving errors when attempting to connect to Apple's servers for the update, but with repeated attempts it seems as though users are able to get through.

Update 2: Apple has now posted a support document describing the security issue patched in the update. The issue has been given an identifier of CVE-2011-0228.
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.


Top Rated Comments

(View all)

36 months ago

Does anybody go through the trouble to update to these pointless releases?
There hasn't been anything new since 4.3.0...


People who care about security do.
Rating: 19 Positives
36 months ago
I can't wait till delta updates lol
Rating: 8 Positives
36 months ago

Does anybody go through the trouble to update to these pointless releases?
There hasn't been anything new since 4.3.0...


takes 10 minutes to download and 5 minutes to update.

is that such a burden?
Rating: 8 Positives
36 months ago
came up as 666.6 mb download... careful! 666!
Rating: 8 Positives
36 months ago

And then over an hour to resync all my stuff


Don't do a restore when updating then...
Rating: 5 Positives
36 months ago

Even Microsoft doesn't push this many "security fixes". Did Apple fanboys always laugh at MSFT for stuff like this?


no we laugh at windows users who have to reinstall their OS every 7 days to keep it virus free. LOL
Rating: 4 Positives
36 months ago
Always good to see security updates.

Small aside, is anyone surprised Apple hasn't made the GSM and CDMA models on the same version number yet? I suppose they will with iOS 5.
Rating: 3 Positives
36 months ago
I accidentally clicked the check for update button while syncing my iPhone. Good thing I'm in class right now and can utilize my campus' blazing fast WiFi. The whole thing downloads in less than 8 minutes.
Rating: 3 Positives
36 months ago
damn, wish all these point releases were coming in OTA instead... can't wait for iOS 5!!!
Rating: 3 Positives
36 months ago

And then over an hour to resync all my stuff


Why would you possibly need to re-sync everything? Are you doing a full restore? If so, why?
Rating: 2 Positives

[ Read All Comments ]