Apple Releases iOS 7.0.6 Update to Patch Gaping SSL Security Hole
Straight to the point, the primary problem is that unpatched Apple devices fail to validate the authenticity of connections. The patch makes things right again by "restoring missing validation steps," Apple states in a support document.
It's not clear how Apple became aware of the issue and whether or not it knows of any cases where an attacker has taken advantage of the vulnerability. However, SSL is commonly used to transfer sensitive data, including payment information, so without the patch a hacker can spoof a legitimate website like a banking institution.
The patch is available for iPhone 4 and later, iPod touch (5th generation), and iPad 2 and later devices.