Very few people noticed that Apple released Apple TV software update 7.0.1 for the 3rd gen Apple TV yesterday alongside iOS 8.1. Although the company hasn’t updated the Apple TV support page yet, it seems that the update only addresses some security vulnerabilities.
According to this Apple product security page, the 7.0.1 update contains two security fixes:
- Impact: A malicious Bluetooth input device may bypass pairing. Description: Unencrypted connections were permitted from Human Interface Device-class Bluetooth Low Energy accessories. If a device had paired with such an accessory, an attacker could spoof the legitimate accessory to establish a connection. The issue was addressed by denying unencrypted HID connections.
- Impact: An attacker may be able to decrypt data protected by SSL. Description: There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling CBC cipher suites when TLS connection attempts fail.
Let us know in the comments if you discover any other changes in Apple TV 7.0.1.
Apple TV Software Update 7.0.1—Apple TV (3rd generation) only
|Stability and performance||Includes general performance and stability improvements.|