Apple’s gotofail security gap extends to OS X


Late last week Apple posted an iOS update that patches a security vulnerability. People should update their iOS devices quickly to address this issue, which is specific to Safari SSL connections. It appears, however, that the code is shared with OS X, and as a result Mac apps are also vulnerable.

Andy Greenberg for Forbes:

Apple revealed a critical bug in its implementation of encryption in iOS, requiring an emergency patch. Then researchers found the same bug is also included in Apple's desktop OSX operating system, a gaping Web security hole that leaves users of Safari at risk of having their traffic hijacked. Now one researcher has found evidence that the bug extends beyond Apple's browser to other applications including Mail, Twitter, Facetime, iMessage and even Apple's software update mechanism.

Until Apple posts a fix, users may want to do their secure browsing using Firefox or Chrome, which apparently don't utilize the exposed framework.