Apple Planning Fix for OS X SSL Bug as New Research Reveals iMessage, Other Apps Affected
Apple has confirmed that it will issue a software update "very soon" to patch the security flaw found in OS X that allows attackers to capture or modify data protected by the SSL/TLS protocols in Safari, reports Reuters. The vulnerability of OS X to the bug was detailed by security firm CrowdStrike and a Google engineer last Friday, and came right after Apple released iOS 7.0.6 to fix the SSL-related issues on iOS.
However, the security flaw, which has been termed "GoToFail" by security specialists due to the improperly used "goto" command that triggers it, may be affecting more than just Safari. Independent privacy researcher Ashkan Soltani has pointed out on his Twitter (via Forbes) that Apple's vulnerable SSL library is also used by apps including FaceTime, iMessage, Twitter, Calendar, Keynote, Mail, iBooks, Software Update, and more.
A list of apps deemed vulnerable to the SSL bug found in OS X and iOS by security researcher
Ashkan Soltani
Soltani does point out that apps such as iMessage and FaceTime have addded security measures that weaken the effects of the security flaw, but also added that the initial iCloud login used to authenticate such apps may also be compromised. The researcher states that other parts of the protocol such as the handshake between a service and a device are vulnerable to an attack as well, and will need to be secured by Apple.
Currently, users can check whether or not their computers are affected by the vulnerability by visiting gotofail.com in Safari. As users wait for a fix to the flaw, CrowdStrike recommends avoiding untrusted and unsecured WiFi networks while traveling. The site also recommends that users update to iOS 7.0.6 if they have not yet installed it on their iOS devices.
Popular Stories
Apple plans to announce new products "this week," according to Bloomberg's Mark Gurman.
Apple's "Mac Your Calendars" teaser last October
In his Power On newsletter today, Gurman said the products set to be updated this week include the iPad Pro, Vision Pro, and "likely" the base 14-inch MacBook Pro, with all three likely to receive a spec bump with Apple's next-generation M5 chip.
Gurman...
Apple's software engineers are internally testing iOS 26.0.2, according to MacRumors logs, which have been a reliable indicator of upcoming iOS versions.
iOS 26.0.2 will likely be a minor update that addresses bugs and/or security vulnerabilities, but we do not know any specific details yet.
The update will likely be released within the next few weeks.
Last month, Apple released iOS...
Buried in its announcement about "F1: The Movie" making its streaming debut on December 12, Apple has also announced that Apple TV+ is being rebranded as simply Apple TV.
A single line near the end of the press release states "Apple TV+ is now simply Apple TV, with a vibrant new identity," though Apple's website has yet to be updated with any changes, so we're unsure on the details of the...
While the iPhone 18 Pro and iPhone 18 Pro Max are still nearly a year away, a handful of new features and changes have already been rumored for the devices.
Below, we have recapped some of the early iPhone 18 Pro rumors so far.
Smaller Dynamic Island
The standard iPhone 18, iPhone 18 Pro, and iPhone 18 Pro Max will be equipped with a slightly smaller Dynamic Island, but the devices will...
Update: the Naver account appears to be referencing a speculative post on X by Vadim Yuryev, dated October 6. The original article follows.
Apple will announce new products through a series of press releases beginning as soon as next week, according to a dubious claim posted on the Korean blog Naver.
The Naver blog account yeux1122, which aggregates rather than originates Apple...
After releasing AirPods Pro 3 last month, Apple is already working on the next AirPods Pro, according to Bloomberg's Mark Gurman.
It is unclear if the new AirPods Pro would be branded as AirPods Pro 4, or if they would be considered an updated version of AirPods Pro 3. Gurman did not take a position, opting to describe them as a "new version" of the "high-end in-ear buds."
AirPods Pro 2...
Apple's second-generation smart glasses with an in-lens display may have two modes, depending on which device they are connected to.
Meta Ray-Bans without an in-lens display
In his Power On newsletter today, Bloomberg's Mark Gurman said he was told a future version of Apple's smart glasses may be able to run a full version of the visionOS operating system when they are paired with a Mac, and...
Apple has essentially discontinued Clips, its video-editing app designed to allow users to combine video clips, images, and photos with voice-based titles, music, filters, and graphics to create enhanced videos that can be shared on social media sites.
The app has been removed from the App Store, and a support document on Apple's site says that the app is no longer being updated and would no ...
Recent reports suggest that there are now no redesigned Apple Vision headsets in active development, with the company's focus pivoting decisively to smart glasses.
When Apple announced the Vision Pro in mid-2023, it described the device as the dawn of "spatial computing," a new paradigm that would eventually rival the iPhone in importance. With a $3,499 starting price, intricate design and...
