Apple Says Fix on the Way for OS X SSL Bug

Apple Says Fix on the Way for OS X SSL Bug

Reuters reports that a patch is on the way for a major security flaw in OS X, which is the same security flaw recently patched on iOS devices with iOS 7.0.6. Apple spokeswoman Trudy Muller told Reuters: “We are aware of this issue and already have a software fix that will be released very soon.”

security_breach

Friday afternoon saw Apple releasing a fix for mobile devices running iOS 7. Once the fix was released, experts took it apart and discovered that same security flaw is present in the Mac’s OS X operating system.

Any iOS 7 device not running the latest version of iOS 7, (7.0.6) may be open to attacks when connected to a shared network. The bad guys could view, edit, and download emails and other data sent via the Secure Socket Link protocol. (SSL)

As was noted in Apple’s update document for iOS, the Secure Transport “failed to validate the authenticity of the connection.” Apple remedied this by restoring the missing validation steps.

The omission reportedly consists of a single line and omitted bracket in the code, which means hackers can impersonate a website, such as a bank, Google’s Gmail, or Facebook, and capture the electronic traffic before passing it to the real site.

Hackers could also insert malicious web links into real emails, gaining full control of a user’s computer.

Industry veterans are warning users to avoid unsecured Wi-Fi networks until the software patch is available and installed on their machines.

We’ll keep an ear to the ground, and let you know as soon as a patch is available for OS X.