Anyone running an iOS device (iPod Touch, iPhone 3GS or 4, iPad 1 or 2) should seriously consider upgrading the firmware through iTunes.
Apple recently released iOS 4.3.5 to patch a security flaw in the way SSL certificates are validated. It turns out the flaw is pretty darned fundamental and unless your device is patched with the latest firmware, you are extremely vulnerable to a simple (and free to download) man-in-the-middle attack on most encrypted communications from the device. Think internet banking, PayPal, secure email, online shopping etc,etc…..shocking that this flaw has been around for so long.
Here’s a link to a recent Sophos article that gives a little more background.
Shame that it is not patched for earlier iOS devices (you should seriously consider how you use such devices if you can’t patch them).
