Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

SSL fix for OS X? (or only for IOS?)

C

CavemanMike

macrumors regular
Original poster
Nov 8, 2013
211
11
Does the SSL security problem which affects IOS6 AND IOS7 iphones/ipad affect mac's as well? (e.g. my macbook pro retina with OS X Mavericks?)

If so, is it only affecting safari? Would other browsers be affected, or is the problem with the OS affecting ALL browsers?

Thanks,

Mike
 
The SSL bug does indeed effect mavericks and i wouldn't at all be surprised to see 10.9.2 pushed out sooner rather than later now with this fix included with it.

It affects anything that uses the SSL library so will be used in Messages, Calendar, Contacts etc.

iOS was updated to protect against this with 7.0.6 but again wouldn't be shocked to see 7.1 pushed out alongside the Mavericks point release.
 
It wasn't JUST a problem on Public Wifi, though public wifi hotspots are the most likely, easiest way for someone to exploit it

In any case, if you haven't updated to 10.9.2, you should ASAP. It contains the fix for the issue.
 
Thank you!

Yes, updated my mac this afternoon with an unexpected new feature:

Now on my mac book pro 2013 retina: a quick accidental press of the power button does not put my mac to sleep instantly! (you hold it for a few seconds) which is AWESOME!
 
CavemanMike said:
Does the SSL security problem which affects IOS6 AND IOS7 iphones/ipad affect mac's as well? (e.g. my macbook pro retina with OS X Mavericks?)

If so, is it only affecting safari? Would other browsers be affected, or is the problem with the OS affecting ALL browsers?

Thanks,

Mike
Click to expand...

10.9.2 is available for a free update, and it fixes the SSL issue.

The SSL issue was NOT limited to Safari. Any software that relied on the OS to manage SSL was affected, including Mail and even the App Store. (Some software like Firefox used different libraries and was safe from this particular vulnerability.)

Having said that, the issue was an arcane one and required an attacker to be in a privileged position on your network or elsewhere in the chain between you and your target service, meaning at the router or ISP for all intents and purposes. So your home WiFi wasn't likely to be a risk, but perhaps there was a coffee shop somewhere with an Evil Barista who could exploit this.

Anyway. Update.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back