Wednesday, February 26, 2014

SSL Vulnerability Closed in OS X Update

Apple released Security Update 2014-001 yesterday, which closes the vulnerability discussed in my last post. Mountain Lion and Mavericks users should install this update ASAP. Note, if you are a Mountain Lion user and do not wish to update to Mavericks at this time (completely understandable, but fixable), then do not install the OS X 10.9.2 update. Select just the Software Update that includes Security Update 2014-001 as shown in the screenshot below.

OSX Software Update

The vulnerability allows your secure traffic to services such as iCloud, Gmail, and others to be intercepted. For specific details of this vulnerability, please consult the excellent writeups in ArsTechnica, The Safe Mac and Threatpost. If you haven't updated your iPhone or iPad to iOS 7.0.6, please do so now to fix the same vulnerability in iOS.

1 comment:

  1. I have read your blog it is very helpful for me. I want to say thanks to you. I have bookmark your site for future updates. Security Report


Please tell me your thoughts below. All comments are moderated, so yours will appear within a few hours. Thank you for being a reader!