Apple Planning Fix for OS X SSL Bug as New Research Reveals iMessage, Other Apps Affected
Apple has confirmed that it will issue a software update "very soon" to patch the security flaw found in OS X that allows attackers to capture or modify data protected by the SSL/TLS protocols in Safari, reports Reuters. The vulnerability of OS X to the bug was detailed by security firm CrowdStrike and a Google engineer last Friday, and came right after Apple released iOS 7.0.6 to fix the SSL-related issues on iOS.
However, the security flaw, which has been termed "GoToFail" by security specialists due to the improperly used "goto" command that triggers it, may be affecting more than just Safari. Independent privacy researcher Ashkan Soltani has pointed out on his Twitter (via Forbes) that Apple's vulnerable SSL library is also used by apps including FaceTime, iMessage, Twitter, Calendar, Keynote, Mail, iBooks, Software Update, and more.
A list of apps deemed vulnerable to the SSL bug found in OS X and iOS by security researcher
Ashkan Soltani
Soltani does point out that apps such as iMessage and FaceTime have addded security measures that weaken the effects of the security flaw, but also added that the initial iCloud login used to authenticate such apps may also be compromised. The researcher states that other parts of the protocol such as the handshake between a service and a device are vulnerable to an attack as well, and will need to be secured by Apple.
Currently, users can check whether or not their computers are affected by the vulnerability by visiting gotofail.com in Safari. As users wait for a fix to the flaw, CrowdStrike recommends avoiding untrusted and unsecured WiFi networks while traveling. The site also recommends that users update to iOS 7.0.6 if they have not yet installed it on their iOS devices.
Popular Stories
While past rumors have indicated the upcoming second-generation AirPods Pro will feature a built-in heart rate and body temperature sensor, Bloomberg's Mark Gurman has cast doubt on those rumors turning out to be true, saying instead such a feature is unlikely to come anytime soon.
"Over the past few months, there have been rumors about this year's model gaining the ability to determine a...
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks.
Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
Apple is working on an Apple Watch Series 8 model with a larger display, according to DSCC's Ross Young and Haitong International Securities's Jeff Pu.
In October last year, Young suggested that the Apple Watch Series 8 could come in three display sizes. Now, responding to a query about the rumor on Twitter, Young claims that the additional display size joining the Apple Watch lineup will be ...
The upcoming launch of Apple's redesigned MacBook Air with the M2 chip has some Windows laptop manufacturers "worried" that sales of Intel-based laptops will be negatively affected, according to industry sources cited by DigiTimes.
"A Wintel brand vendor pointed out that at a price point of US$1,000-$1,500, the MacBook Air will crowd out other high-end notebooks," the report claims, with...
The upcoming Apple Watch Series 8 will be able to tell a wearer if it believes they have a fever due to a higher than normal body temperature thanks to a new built-in sensor, according to Bloomberg's reliable Mark Gurman.
Writing in the latest edition of his Power On newsletter, Gurman says that the Apple Watch Series 8 will feature a new body temperature sensor, given that the sensor passes ...
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
European Union lawmakers have approved landmark legislation to heavily regulate Apple, Google, Meta, and other big tech firms.
The Digital Markets Act (DMA) and Digital Services Act (DSA) were proposed by the European Commission in December 2020. Now, collected in a "Digital Services Package," the legislation has been formally adopted by the European Parliament and seeks to address...
Top Rated Comments
Great work, Apple!
And it better come tomorrow :mad:
My definition of "very soon," and Apple's definition of "very soon," are very different. :(