Apple Issues Fix For Mac OS X Vulnerability

Following warnings last week that its users were being left vulnerable to security breaches whilst using the Internet, Apple has issued a fix for its OS X operating system.

The new patch follows a similar fix for devices running iOS 7 last week. A further investigation revealed that the problems also existed on Apple devices running the Mac OS X software, such as laptops and desktop computers.

Apple recommends users install the update immediately to improve ‘the stability, compatibility, and security of your Mac’.

Mac attack

It was revealed last week that users of iOS 7 devices such as iPhones and iPads were at risk from “attackers with a privileged network position” who might be able to capture or modify data when their victims accessed public Wi-Fi networks.

The vulnerability is related to the way secure connections are made between Apple’s Safari browser and websites using digital security certificates, for example online banking resources, Google and Facebook.

The flaw meant that these security certificates were not being checked properly, meaning that hackers could impersonate a website, allowing them to capture the data that was being sent over the now insecure connection before letting it continue its journey to the real website.

In a statement, Apple said that the security flaw had apparently existed for months but was never publicly disclosed. This led the company to come under severe criticism in the last few days for exposing such a critical vulnerability in its own software and then having no immediate fix available.

The update mentions programs including Mail, Facetime, iMessage, Software Update and more, signalling that all these widely-used applications were at risk.

Despite being hailed as a secure product, iOS has had several vulnerabilities highlighted in the recent months. Earlier this year, the company was forced to deny it had installed a ‘backdoor’ which would allow security agencies such as the US National Security Agency to spy on users, following claims that the agency regularly hacked targets using the device.

iOS has also repeatedly been exploited by researchers at the Hewlett-Packard sponsored Pwn2Own hacking challenge in 2010, 2011, 2012 and 2013.

Are you a security expert? Try our quiz!

Originally published on eWeek.

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Google Warns Of Italian Spyware On Apple, Android Phones

Italian company's hacking tools have been used to spy on Apple, Android smartphones in Italy…

2 days ago

Intel Signals Delay To Ohio Factory Over US Chips Act Dispute

Chip maker warns new factory in Columbus, Ohio could be delayed or scaled back, over…

2 days ago

Silicon UK In Focus Podcast: Sustainable Business

How do sustainable businesses use technology to innovate? And as businesses want to connect sustainability…

2 days ago

Australia Fines Samsung Over Water-Resistance Claims

Samsung rapped over the knuckles by Australian regulator because of 'misleading' Galaxy smartphone water-resistance claims…

3 days ago

Amazon Reveals Alexa Option To Mimic Any Person’s Voice

Bereavement aid for those in mourning? Amazon's Alexa voice assistant could be programmed to sound…

3 days ago