This article was published on February 25, 2014

Apple fixes glaring SSL vulnerability with OS X 10.9.2, adds FaceTime Audio and iMessage blocking


Apple fixes glaring SSL vulnerability with OS X 10.9.2, adds FaceTime Audio and iMessage blocking

On the heels of an iOS update to address an issue with SSL authentication, Apple has released OS X Mavericks 10.9.2 to fix the problem for the Mac.

Apple has yet to release information about the security contents for the update, but you’ll definitely want to update any OS X installations as soon as possible.

Security researchers have discovered that the flaw came down to an errant “Goto” command in Apple’s code that caused it to bypass an important credential check. An attacker would need to have access to the network you’re on to exploit the flaw, but that’s not out of the question for situations like public Wi-Fi. Though Apple has remained relatively quiet about the issue, it’s a humiliating gaffe for the company.

If you want to check whether you need the update, you can visit Gotofail.com. The site checks against an invalid SSL certificate to see if your device is at risk. After updating to OS X 10.9.2, you should get a “Safe” message when you visit the page.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Alongside the security patch, OS X 10.9.2 has several handy features. You can now make FaceTime audio calls, use call waiting on FaceTime, and block individual iMessage senders. Apple has also continued to work on Mail, which has caused problems for users since OS X Mavericks arrived.

Image Credit: Justin Sullivan / Getty Images

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top