Apple pushed out iOS 9 Wednesday, addressing a cornucopia of vulnerabilities, including bugs that could lead to arbitrary code execution, credential leakage, and interface spoofing. The bug, discovered by Mark Dowd, technically exists in a library on both iOS and OS X and can be exploited via AirDrop, the feature that lets Apple users send files back and forth. Apple also updated to the latest version of OpenSSL in iOS 9 to solve what it calls multiple vulnerabilities in older versions of the protocol.
Source: https://threatpost.com/apple-addresses-dozens-of-vulnerabilities-embraces-two-factor-authentication-in-ios-9/114721/