A Russian hacker recently published a video and server on the Internet that showed people how to steal software updates for iOS applications that use the in-app purchase feature.
At the time, many bloggers and software developers stated that to effectively close the loop to prevent another “man-in-the-middle” attack Apple would have to release a software fix. Yesterday, Apple announced that the fix will be included in iOS 6, due out this fall.
“Apple has responded to the recent App Store in-app-purchase bug and fraud with an email and temporary solution for registered iOS developers. This email includes a link to a new Apple developer web document that describes the issue and teaches developers how to temporarily plug the issue. Apple says that it will fix the bug completely with the upcoming release of iOS 6.”