Apple Patches Cover Security Flaw, New Flaw Revealed

Updated on

Apple Inc. (NASDAQ:AAPL) has pushed out another software update to deal with a vulnerability which made it possible for hackers to see messages users were sending and even alter those messages. Apple initially fixed the bug in iOS devices through the iOS 7.0.6 update it rolled out on Friday. That covered iPhones, iPads and iPod Touches. However, other Apple devices remained exposed—until now. Unfortunately though, Apple apparently hasn’t plugged all the security holes yet, as yet another flaw has been uncovered.

Apple battles SSL bug

According to TechCrunch, the issue came from an extra “goto” command in the SSL / TLS authentication protocols in Apple Inc. (NASDAQ:AAPL)’s operating systems. That basically means that some of the data which was sent to or from devices and should have been encrypted actually wasn’t.

The flaw has been open since October, so this was no short-term issue. Users of Apple Inc. (NASDAQ:AAPL) devices who have not yet updated them should certainly do so in order to plug this major hole. This new update is for OS X devices and is called the OS X Mavericks v10.9.2 update. Of course Apple also added a few other improvements along with a plug for that security hole.

Apple also battles new issue

Meanwhile, The Telegraph reports that yet another security flaw has been exposed in Apple Inc. (NASDAQ:AAPL) mobile devices. This flaw is a bit different than the SSL flaw, although the end result sounds to be similar. It basically enables hackers to either use phishing to trick someone into installing a malicious app on their iOS devices or exploiting “another remote vulnerability of some app.” At that point, the hacker could then monitor everything the iOS user does. Hackers could intercept the passwords and login information of Apple device users because they could see every single keystroke.

Security researchers say this particular flaw has only been produced in laboratory settings and that there is nothing to suggest that it has actually been used against owners of any Apple Inc. (NASDAQ:AAPL) devices.


Leave a Comment