SSL fix for OS X? (or only for IOS?)

CavemanMike

macrumors regular
Original poster
Nov 8, 2013
204
8
Does the SSL security problem which affects IOS6 AND IOS7 iphones/ipad affect mac's as well? (e.g. my macbook pro retina with OS X Mavericks?)

If so, is it only affecting safari? Would other browsers be affected, or is the problem with the OS affecting ALL browsers?

Thanks,

Mike
 

andijames

macrumors member
Sep 2, 2010
59
0
Manchester, UK
The SSL bug does indeed effect mavericks and i wouldn't at all be surprised to see 10.9.2 pushed out sooner rather than later now with this fix included with it.

It affects anything that uses the SSL library so will be used in Messages, Calendar, Contacts etc.

iOS was updated to protect against this with 7.0.6 but again wouldn't be shocked to see 7.1 pushed out alongside the Mavericks point release.
 

scaredpoet

macrumors 604
Apr 6, 2007
6,626
342
It wasn't JUST a problem on Public Wifi, though public wifi hotspots are the most likely, easiest way for someone to exploit it

In any case, if you haven't updated to 10.9.2, you should ASAP. It contains the fix for the issue.
 

CavemanMike

macrumors regular
Original poster
Nov 8, 2013
204
8
Thank you!

Yes, updated my mac this afternoon with an unexpected new feature:

Now on my mac book pro 2013 retina: a quick accidental press of the power button does not put my mac to sleep instantly! (you hold it for a few seconds) which is AWESOME!
 

sjinsjca

macrumors 68020
Oct 30, 2008
2,060
398
Does the SSL security problem which affects IOS6 AND IOS7 iphones/ipad affect mac's as well? (e.g. my macbook pro retina with OS X Mavericks?)

If so, is it only affecting safari? Would other browsers be affected, or is the problem with the OS affecting ALL browsers?

Thanks,

Mike
10.9.2 is available for a free update, and it fixes the SSL issue.

The SSL issue was NOT limited to Safari. Any software that relied on the OS to manage SSL was affected, including Mail and even the App Store. (Some software like Firefox used different libraries and was safe from this particular vulnerability.)

Having said that, the issue was an arcane one and required an attacker to be in a privileged position on your network or elsewhere in the chain between you and your target service, meaning at the router or ISP for all intents and purposes. So your home WiFi wasn't likely to be a risk, but perhaps there was a coffee shop somewhere with an Evil Barista who could exploit this.

Anyway. Update.