Apple releases OS X patch for critical 'gotofail' bug

Apple has followed up a recent set of iOS fixes with an urgent patch for OS X, correcting a flaw that enabled man-in-the-middle attacks.

This Content Component encountered an error

Days after releasing a new version of its iOS mobile device operating system to address a flaw that could enable man-in-the-middle attacks, Apple Inc. has released a patch to address the same vulnerability in several iterations of its Mac OS X operation system.

OS X version 10.9.2 addresses 31 unique issues, including the "gotofail" bug, named after the coding error in Apple's software that spawned the vulnerability.

According to the SANS Internet Storm Center and other experts, the bug makes SSL/TLS sessions vulnerable to man-in-the-middle attacks.

On Friday the Cupertino, Calif.-based vendor released iOS 7.0.6 for iPhone 4, later fifth-generation iPod touch devices, and iPad version 2 and later. It also released a separate patch for its Apple TV product. According to Apple, until the patch is installed, an attacker with a privileged network position may be able to capture or modify data in SSL/TLS sessions.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close