Apple Inc. (NASDAQ:AAPL) has pushed out another software update to deal with a vulnerability which made it possible for hackers to see messages users were sending and even alter those messages. Apple initially fixed the bug in iOS devices through the iOS 7.0.6 update it rolled out on Friday. That covered iPhones, iPads and iPod Touches. However, other Apple devices remained exposed—until now. Unfortunately though, Apple apparently hasn’t plugged all the security holes yet, as yet another flaw has been uncovered.
Apple battles SSL bug
According to TechCrunch, the issue came from an extra “goto” command in the SSL / TLS authentication protocols in Apple Inc. (NASDAQ:AAPL)’s operating systems. That basically means that some of the data which was sent to or from devices and should have been encrypted actually wasn’t.
On April 9th 2021, Bruce Greenwald, the founding director of the Heilbrunn Center for Graham and Dodd Investing at Columbia Business School, sat down for a Fireside Chat with Li Lu, the founder and chairman of Himalaya Capital as part of the 13th Columbia China Business Conference. Q1 2021 hedge fund letters, conferences and more Read More
The flaw has been open since October, so this was no short-term issue. Users of Apple Inc. (NASDAQ:AAPL) devices who have not yet updated them should certainly do so in order to plug this major hole. This new update is for OS X devices and is called the OS X Mavericks v10.9.2 update. Of course Apple also added a few other improvements along with a plug for that security hole.
Apple also battles new issue
Meanwhile, The Telegraph reports that yet another security flaw has been exposed in Apple Inc. (NASDAQ:AAPL) mobile devices. This flaw is a bit different than the SSL flaw, although the end result sounds to be similar. It basically enables hackers to either use phishing to trick someone into installing a malicious app on their iOS devices or exploiting “another remote vulnerability of some app.” At that point, the hacker could then monitor everything the iOS user does. Hackers could intercept the passwords and login information of Apple device users because they could see every single keystroke.
Security researchers say this particular flaw has only been produced in laboratory settings and that there is nothing to suggest that it has actually been used against owners of any Apple Inc. (NASDAQ:AAPL) devices.