Date: Tuesday, February 25, 2014
Source: http://www.theverge.com/, arstechnia.com
Impacted Users: The SSL bug also affected iOS users, but a patch was pushed out last week to iPhones (4 and later), iPod touch (5th generation) and iPad (2nd generation and later) users closing down the vulnerability. The vulnerability is not present in versions of OS X prior to OS X 10.9 Mavericks or iOS prior to iOS 6. – ZDNet article published on 2/25/14
Description: Apple has recently informed the public that there is an inherent flaw in their software and are advising all product users to update to the latest version of software.
This includes iPhones, iPads, iTouches as well as desktops and laptops manufactured by Apple.
iOS version 7.1 fixes 41 vulnerabilities. iOS 7.1 released March 10
Apple has released OS X 10.9.2 update for all Maverick users, which, amongst other things patches the SSL bug in the operating system that could allow full transparent interception of HTTPS traffic.
Given the severity of the SSL bug, it is highly recommended that you install this update as soon as possible, and delaying could leave your data vulnerable to being harvested. While there haven’t been any credible reports of any criminals using this vulnerability, it’s better to be safe than sorry.
Prevention and Mitigation Procedures:
Desktop/Laptop Upgrade
Plug in device.
Choose Apple menu > Software Update.
iDevice Upgrade
Plug in device.
Tap Settings > General> Software Update
Tap Download and Install
Tap Install
If using iTunes to perform the update find instructions here: http://support.apple.com/kb/ht4623
—–
To learn more about the iOS update: http://www.apple.com/ios/
To get the latest update right for you and your system: http://support.apple.com/downloads/