Following warnings last week that its users were being left vulnerable to security breaches whilst using the Internet, Apple has issued a fix for its OS X operating system.
The new patch follows a similar fix for devices running iOS 7 last week. A further investigation revealed that the problems also existed on Apple devices running the Mac OS X software, such as laptops and desktop computers.
Apple recommends users install the update immediately to improve ‘the stability, compatibility, and security of your Mac’.
It was revealed last week that users of iOS 7 devices such as iPhones and iPads were at risk from “attackers with a privileged network position” who might be able to capture or modify data when their victims accessed public Wi-Fi networks.
The vulnerability is related to the way secure connections are made between Apple’s Safari browser and websites using digital security certificates, for example online banking resources, Google and Facebook.
The flaw meant that these security certificates were not being checked properly, meaning that hackers could impersonate a website, allowing them to capture the data that was being sent over the now insecure connection before letting it continue its journey to the real website.
In a statement, Apple said that the security flaw had apparently existed for months but was never publicly disclosed. This led the company to come under severe criticism in the last few days for exposing such a critical vulnerability in its own software and then having no immediate fix available.
The update mentions programs including Mail, Facetime, iMessage, Software Update and more, signalling that all these widely-used applications were at risk.
Despite being hailed as a secure product, iOS has had several vulnerabilities highlighted in the recent months. Earlier this year, the company was forced to deny it had installed a ‘backdoor’ which would allow security agencies such as the US National Security Agency to spy on users, following claims that the agency regularly hacked targets using the device.
iOS has also repeatedly been exploited by researchers at the Hewlett-Packard sponsored Pwn2Own hacking challenge in 2010, 2011, 2012 and 2013.
Are you a security expert? Try our quiz!
Originally published on eWeek.
AI push sees Alphabet's Google saying it will consolidate its AI teams in its Research…
Beijing orders Apple to pull Meta's WhatsApp and Threads from its Chinese App Store over…
Key milestone sees Intel Foundry assemble ASML's new “High NA EUV” lithography tool, to begin…
Oracle's huge AI, Cloud investment in Japan will meet growing local demand and address digital…
People who create sexually explicit ‘deepfakes’ of adults will face prosecution under a new law…
Protest at cloud contract with Israel results in staff firings, in addition to layoffs of…