Apple iOS Devices Still Vulnerable to Attack?

Today a plethora of websites, including Yahoo Finance reported the news that yet another attack ('Masque Attack' -- so-named by cybersecurity firm FireEye Inc, who published details about the alleged vulnerability here on Monday --) enabled 'hackers' access to iOS devices. FireEye, according to Yahoo Finance claimed, "...the bug enables hackers to access their devices by persuading users to install malicious applications with tainted text messages, emails and web links."

Based in Milpitas, California, the firm said that Apple has been notified of the vulnerability and is fixing it.

Meanwhile, FireEye advises iOS users to refrain from installing apps from sources other than Apple's official App Store. Further, do not click "install" on a pop-up from a third-party web page, should you see one.

The security firm claims to have verified this vulnerability on iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta, on both jailbroken and non-jailbroken devices. They have succeeded in demonstrating 'Masque Attack' by replacing the Gmail application with a fake.

However -- and this is what I have been advocating all along -- please do take the excellent advice offered by FireEye: Only install apps from from Apple's App Store and/or their iTunes Store. Don't click "install" on any third-party pop-ups.

Seems simple, but I'm surprised at how many people unthinkingly do this.

(Screenshot composite includes pictures from Apple's iPhone page and their iOS page)