The IT Nerd

You might recall that Apple had an hole in its implementation of SSL that existed in pretty much everything they made that allowed someone on the same network as the victim to view encrypted traffic. Apple fixed this in iOS but not in OSX which left Macs vulnerable to this sort of attack. Thus it’s timely that Apple today released a patch for that hole today. Actually, they released several of them depending on what version of OSX that you run. Here’s the list:

• Security Update 2014-001 (Lion) (OS X Lion 10.7.5)
• Security Update 2014-001 Server (Lion)
• Security Update 2014-001 (Mountain Lion) (OS X 10.8.5)
• OS X Mavericks 10.9.2 Update (Combo)

Now, of interest was the notes relating to the security related items fixed in the above. It confirms that this issue only affects OSX Mavericks. Earlier versions of OSX were not affected.

I would recommend that Mac users running OSX Mavericks download and install this update right away. That way you’re fully protected from this exploit as it’s a safe bet that evil doers have got tools that take advantage of this.

This entry was posted on February 25, 2014 at 2:19 pm and is filed under Commentary with tags Apple, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.