Apple Planning Fix for OS X SSL Bug as New Research Reveals iMessage, Other Apps Affected

Apple has confirmed that it will issue a software update "very soon" to patch the security flaw found in OS X that allows attackers to capture or modify data protected by the SSL/TLS protocols in Safari, reports Reuters. The vulnerability of OS X to the bug was detailed by security firm CrowdStrike and a Google engineer last Friday, and came right after Apple released iOS 7.0.6 to fix the SSL-related issues on iOS.

However, the security flaw, which has been termed "GoToFail" by security specialists due to the improperly used "goto" command that triggers it, may be affecting more than just Safari. Independent privacy researcher Ashkan Soltani has pointed out on his Twitter (via Forbes) that Apple's vulnerable SSL library is also used by apps including FaceTime, iMessage, Twitter, Calendar, Keynote, Mail, iBooks, Software Update, and more.

gotofail_list_of_apps

A list of apps deemed vulnerable to the SSL bug found in OS X and iOS by security researcher Ashkan Soltani

Soltani does point out that apps such as iMessage and FaceTime have addded security measures that weaken the effects of the security flaw, but also added that the initial iCloud login used to authenticate such apps may also be compromised. The researcher states that other parts of the protocol such as the handshake between a service and a device are vulnerable to an attack as well, and will need to be secured by Apple.

Currently, users can check whether or not their computers are affected by the vulnerability by visiting gotofail.com in Safari. As users wait for a fix to the flaw, CrowdStrike recommends avoiding untrusted and unsecured WiFi networks while traveling. The site also recommends that users update to iOS 7.0.6 if they have not yet installed it on their iOS devices.

Popular Stories

iOS 18

Apple Releases iOS 18.5 With New Wallpaper, Screen Time Changes, Carrier Satellite Support for iPhone 13 and More

Monday May 12, 2025 10:06 am PDT by
Apple today released iOS 18.5 and iPadOS 18.5, the fifth updates to the iOS 18 and iPadOS 18 operating systems that came out last September. iOS 18.5 and iPadOS 18.5 come a little over a month after Apple released iOS 18.4 and iPadOS 18.4. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. The iOS 18.5 update has a...
CarPlay Ultra Aston Martin

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation infotainment system via a software update in the coming...
iPhone 17 Pro Blue Feature Tighter Crop

WSJ: Apple Weighing Price Hikes for iPhone 17 Lineup Without Blaming Tariffs

Monday May 12, 2025 3:36 am PDT by
Apple is considering raising prices for its upcoming iPhone 17 models set to release this fall, according to people familiar with the matter cited by The Wall Street Journal. The company reportedly aims to pair the potential price hikes with new features and design changes to justify the increased cost to consumers, rather than attributing them to U.S. tariffs on goods from China. The...
iPhone 12 Made in India

Trump Tells Tim Cook to Stop Building iPhones in India

Thursday May 15, 2025 2:21 am PDT by
President Donald Trump has asked Apple CEO Tim Cook to halt the company's manufacturing expansion in India, in a potential disruption of Apple's plan to shift iPhone production away from China. "I had a little problem with Tim Cook yesterday," Trump said during his state visit to Qatar, according to Bloomberg. "He is building all over India." "They [India] have offered us a deal where...
tvOS 18 Feature

Apple Releases tvOS 18.5

Monday May 12, 2025 10:01 am PDT by
Apple today released tvOS 18.5, the latest version of the tvOS operating system. tvOS 18.5 comes a little over a month after the launch of tvOS 18.4, and it is available for the Apple TV 4K and Apple TV HD models. tvOS 18.5 can be downloaded using the Settings app on the ‌Apple TV‌. Open up Settings and go to System > Software Update to get the new software. ‌Apple TV‌ owners who have...
macOS Sequoia Feature

Apple Releases macOS Sequoia 15.5

Monday May 12, 2025 10:10 am PDT by
Apple today released macOS Sequoia 15.5, the fifth major update to the macOS Sequoia operating system that launched last September. macOS Sequoia 15.5 comes a little over a month after the launch of macOS Sequoia 15.4. Mac users can download the ‌‌‌macOS Sequoia 15.5‌‌‌ update through the Software Update section of System Settings. It is available for free on all Macs able to run ...
apple music

Apple Music Gets New Transfer Tool to Make Switching From Spotify Easier

Wednesday May 14, 2025 5:17 pm PDT by
Apple this week introduced a new feature designed to allow prospective Apple Music users to import their saved music and playlists from third-party music services to Apple Music. The feature is either in an expanded testing phase or it has started rolling out, and it is available in Australia and New Zealand according to an Apple Support document. Signs of the transfer option first surfaced...
iOS 18

iOS 18.5 Expected This Week With These New Features

Monday May 12, 2025 7:20 am PDT by
Following more than a month of beta testing, Apple is expected to release iOS 18.5 to the general public this week. While the software update is relatively minor, it still includes a handful of new features and changes for iPhones. Below, we recap everything new in iOS 18.5. Pride Wallpaper Apple recently announced its 2025 Pride Collection, including a new Apple Watch band, watch face,...

Top Rated Comments

yjchua95 Avatar
147 months ago
I can imagine an NSA techie slamming his head into a wall while saying "*******! They found the loophole I inserted!"
Score: 21 Votes (Like | Disagree)
MacMan988 Avatar
147 months ago
No security.

Great work, Apple!
Score: 12 Votes (Like | Disagree)
mathcolo Avatar
147 months ago
i hope this is a separate security release, and not only available in 10.9.2.

And it better come tomorrow :mad:
Score: 12 Votes (Like | Disagree)
SantaFeNM Avatar
147 months ago
Very soon.....

My definition of "very soon," and Apple's definition of "very soon," are very different. :(
Score: 11 Votes (Like | Disagree)
mw360 Avatar
146 months ago
So are Apple going to block all these vulnerable apps from running until a fix is available? Or is that kind of calling-out just reserved for Flash.
Score: 7 Votes (Like | Disagree)
Sky Blue Avatar
147 months ago
i hope this is a separate security release, and not only available in 10.9.2.
Score: 6 Votes (Like | Disagree)