Tumblr Fixes iOS Apps

Thursday, July 18, 2013 @ 06:07 PM gHale


Tumblr released a “very important” security update for the iPhone and iPad apps to address a vulnerability attackers could exploit to compromise passwords.

Tumblr, owned by Yahoo, said those who have been using these apps should change their passwords on Tumblr and on other services where they utilize the same passphrase.

RELATED STORIES
Code Injection Holes in iOS Apps
Apple updates Safari, Java
New Apple Security Hole
Apple Fixes iOS Bugs

Tumblr has not the details of the vulnerability public, but the company said the passwords could have been “sniffed in transit on certain versions of the app.”

The iOS apps failed to log in users through a secure connection, thus allowing cybercriminals to intercept plain text passwords by sniffing the network traffic, security researchers said.

Such vulnerabilities can be dangerous since quite a few users connect to their social media accounts via unsecure public Wi-Fi networks.



Leave a Reply

You must be logged in to post a comment.