Apple Admits OS X Also Has SSL Security Flaw, Fix Coming Soon

OS X security

We are able to gauge the nature of this flaw in OS X quite well given that the release notes of iOS 7.0.2 come with a brief description of it. The release notes explain the flaw as this:

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.”

In other words, a hacker can intercept communication using SSL/TSL security over an OS X machine until a patch arrives and takes care of this security flaw. It occurs due to a faulty interpretation of digital certificates which are needed to establish a secure SSL/TSL connection for safe communication. All Apple needs to do is plug in the missing code and the issue will be resolved, which is apparently what the iOS 7.0.2 update has done for iOS.

According to an Apple spokesperson, “We are aware of this issue and already have a software fix that will be released very soon.” OS X users can expect a patch to arrive within the next two to three days. Until then, hang in tight and don’t divulge any critically significant information over an SSL/TSL connection.

Courtesy: Apple Insider

[ttjad keyword=”android-device”]

You might also like