Apple releases OS X patch for critical 'gotofail' bug

SearchSecurity Staff

Days after releasing a new version of its iOS mobile device operating system to address a flaw that could enable man-in-the-middle attacks, Apple Inc. has released a patch to address the same vulnerability in several iterations of its

    Requires Free Membership to View

Mac OS X operation system.

OS X version 10.9.2 addresses 31 unique issues, including the "gotofail" bug, named after the coding error in Apple's software that spawned the vulnerability.

According to the SANS Internet Storm Center and other experts, the bug makes SSL/TLS sessions vulnerable to man-in-the-middle attacks.

On Friday the Cupertino, Calif.-based vendor released iOS 7.0.6 for iPhone 4, later fifth-generation iPod touch devices, and iPad version 2 and later. It also released a separate patch for its Apple TV product. According to Apple, until the patch is installed, an attacker with a privileged network position may be able to capture or modify data in SSL/TLS sessions.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: