OSComputing Inc - "Explore the future of Operating Systems"

Tech Support Login | Register
  • 0  
  • 0  

    • Fix for major security flaw on OS X

    Post by: bond

    Apple's SSL bug first reported, when a mysterious, urgent update began pouring out to iOS devices. From there, the news just got worse. It wasn't just an iOS bug, but a problem in Apple's SecureTransport platform, present in OS X 10.9 for desktop and reaching back to iOS 6 on mobile. As of press time, it's still unpatched on the Mac, although company reps say they are aware of the issue and "already have a software fix that will be released very soon."

     The core of the exploit targets your SSL connection, the encryption behind the little padlock in your browser window you see when visiting webmail or banking sites. The browser knows you’re really talking to the bank because it’s verified the site’s SSL certificate, a kind of proof of identity. But the failure in Apple’s code means SecureTransport isn’t checking the certificates properly, and anyone who wanted could masquerade as your banking site, your email, or worse.

    THE VULNERABILITY INCLUDES FACETIME, MAIL, AND CALENDAR, SOME OF THE CORE ELEMENTS OF THE MAC ECOSYSTEM

    It starts with Safari, but it doesn’t stop there. According to researcher Ashkan Soltani, the vulnerability extends to every application built on Apple's SSL library, including FaceTime, Mail, and Calendar. They're some of the core elements of the Mac ecosystem

    Apple has released an update to OS X that patches the large security vulnerability identified above.The flaw stemmed from an erroneous line of code and meant that certain apps on Macs, iPhones, and iPads were susceptible to man-in-the-middle attacks, potentially allowing a hacker to pose as a trusted website or service.

    Today's security update, which is available by selecting Software Update inside a Mac's Apple menu, is said to resolve the issue on both OS X Mavericks and Mountain Lion. On Mavericks, Apple is releasing the patch as part of a larger update that brings the operating system to version 10.9.2, which includes small improvements to Mail, iMessage, and Safari, and adds the ability to make and receive FaceTime audio calls.

     

    Comments

    Please login to comment on this post if you are member. Login | Click here to register

    You are here: Home Post/Discussions OSComputing Inc - "Explore the future of Operating Systems" - Post/Discussions
    Copyright © 2025 OSComputing Inc. All Rights Reserved.

    OSComputing and Operating Systems Computing logo are trademarks of OSComputing Inc. Reader comments are owned by the poster. We are not responsible for them in anyway. All trademarks and icons mentioned in this website are property of respective owners. Operating systems logos are owned by respective company. OSComputing.org is not responsible for views, comments, content or external links posted by members.

    © 2012 - 2015 Satish Nagaraj Production