OS X Mavericks update to fix major security flaw in Macs

Apple follows iOS 7 update with Mac OS X Mavericks patch to address encryption issues.

Apple has patched a major security flaw in OS X Mavericks that could allow hackers to intercept users' communications.

The OS X Mavericks v10.9.2 patch fixes a vulnerability that alters the way Mac devices handle encrypted communications, and means critical checks on the validity of a site's SSL certificate are overlooked when users try to establish a secure connection.

Advertisement - Article continues below

As a result, users have been warned to take caution when accessing sensitive web content using unsecured wireless networks until they have a chance to download the fix.

The emergence of the OS X Mavericks v10.9.2 patch comes several days after the consumer electronics giant flagged the existence of the same fault affecting iOS 6 and iOS7 devices.

At the time, details about a similar flaw in OS X Mavericks began to circulate, but a fix for the issue was only published on Apple's support pages yesterday.

The update also reportedly includes improvements to Mail, Messages and Safari apps, and also allows Mac users to participate in FaceTime calls.

In both cases, Apple's security alerts have stopped short of revealing whether the vulnerabilities have been exploited in the wild, or how long the company has been aware of their existence.

Advertisement
Advertisement - Article continues below

Mark Bower, vice president of infosecurity firm Voltage Security, said Mac users should download the patch as quickly as possible.

Advertisement - Article continues below

"This is a major bug that puts users' sensitive data, like login credentials, passwords, email and browsing data at risk," said Bower.

"Users should patch at their earliest opportunity. Until then, users should be very wary of accessing web content that is sensitive, especially on a network that attackers may also be on at the same time which is more often than you might think."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020