November 15, 2024
Apple Announces iOS 6 Will Fix In-App Purchases Hack

Apple Announces iOS 6 Will Fix In-App Purchases Hack

Posted July 20, 2012 at 9:23pm by iClarified
Apple has announced that iOS 6 will fix a vulnerability that allowed a hacker to fraudulently validate in-app purchases.

A vulnerability has been discovered in iOS 5.1 and earlier related to validating in-app purchase receipts by connecting to the App Store server directly from an iOS device. An attacker can alter the DNS table to redirect these requests to a server controlled by the attacker. Using a certificate authority controlled by the attacker and installed on the device by the user, the attacker can issue a SSL certificate that fraudulently identifies the attacker's server as an App Store server. When this fraudulent server is asked to validate an invalid receipt, it responds as if the receipt were valid.

iOS 6 will address this vulnerability. If your app follows the best practices described below then it is not affected by this attack.


Apple also provides steps developers can take to circumvent the vulnerability now.

Read More [via Teresa]


Apple Announces iOS 6 Will Fix In-App Purchases Hack
Follow iClarified
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (2)
You must login or register to add a comment...
Add Comment
per10
per10 - July 21, 2012 at 2:39am
INSTALLOUS!!!!!!!!!!!!!!!!!!!!!!!!!!
Reply · Like
DNA64
DNA64 - July 21, 2012 at 5:02am
TEXT EDIT/NOTEPAD!!! ;P
Reply · Like
Recent. Read the latest Apple News.
RECENT
Apple Shares New Apple Pay Ad: 'Plates' [Video]
Apple Shares New Apple Pay Ad: 'Plates' [Video]
New M4 MacBook Pro Display Features Quantum Dot Technology
New M4 MacBook Pro Display Features Quantum Dot Technology
ChatGPT for Mac Now Works With Apps Like Xcode, Terminal, More [Video]
ChatGPT for Mac Now Works With Apps Like Xcode, Terminal, More [Video]
Apple Announces 'Mythic Quest' Will Return for Season 4 on January 29, 2025
Apple Announces 'Mythic Quest' Will Return for Season 4 on January 29, 2025
UK Consumer Group Launches $3.8 Billion Lawsuit Against Apple Over iCloud Storage
UK Consumer Group Launches $3.8 Billion Lawsuit Against Apple Over iCloud Storage
More News
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sonoma
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
More Tutorials
Deals. Save on Apple devices and accessories.
DEALS
New 24-inch M4 iMac On Sale for $149 Off! [Lowest Price Ever]
New 24-inch M4 iMac On Sale for $149 Off! [Lowest Price Ever]
New 14-inch M4 MacBook Pro On Sale for $125 Off [Lowest Price Ever]
New 14-inch M4 MacBook Pro On Sale for $125 Off [Lowest Price Ever]
Apple AirPods 3 On Sale for $94! [Lowest Price Ever]
Apple AirPods 3 On Sale for $94! [Lowest Price Ever]
Apple AirTag 4-Pack On Sale for $69.99 [Lowest Price Ever]
Apple AirTag 4-Pack On Sale for $69.99 [Lowest Price Ever]
New M4 Mac mini On Sale for $50 Off [Deal]
New M4 Mac mini On Sale for $50 Off [Deal]
More Deals