Apple Patches Password Reset Vulnerability
Apple Friday patched a serious flaw in its Apple ID security system that would have enabled an attacker to reset a target’s password to a password of their own choosing.
Apple took its Apple ID “reset your password” — a.k.a. “iForgot” — page offline Friday after The Verge reported that a “step-by-step tutorial” had been published to the Web, detailing how to take advantage of the flaw.
Read more: Apple Patches Password Reset Vulnerability
Story added 25. March 2013, content source with full text you can find at link above.