Dangerous Security Bug in iOS and OS X

ios-7-logo

Feburary 25, 2014: Apple releases update for OS X

Apple: Instructions on updating OS X

Arstechnica: Apple releases OS X 10.9.2, patches SSL flaw and adds FaceTime Audio support

Update iOS NOW!

Apple has released an update to address a very serious security problem with iOS 7 and iOS 6. If you have an iPhone, iPod, or iPad install the update immediately.

Apple has not yet released an update for the OS X, though it promises one shortly. If you use Safari on Mac, consider using Firefox or Chrome instead (though this is not a guaranteed solution). This page will be updated when an OS X update is released.

The vulnerability affects the way SSL connections are verified. In other words the operating system is not able to determine if a connection to a secure website, i.e. banking, online shopping, Gmail, etc., is real. Attackers could impersonate a real website, tricking the user to enter their credentials; or an attacker could intercept and read the encrypted traffic between the user and the secure website.

More Information:

This entry was posted in Apple, Safe Computing. Bookmark the permalink. Both comments and trackbacks are currently closed.