Apple OS X “gotofail” security bug fixed with new update
Apple has released an OS X update that fixes the large security vulnerability dubbed “gotofail” identified last week.
The “gotofail” security flaw stemmed from an incorrect line of code and caused certain Mac, iPhone and iPad apps to be susceptible to hackers.
Potentially, the flaw enabled hackers to pose as a trusted service or website and was deemed “seriously exploitable” by Johns Hopkins cryptographer Matthew Green when it was discovered.
The flaw exposed a critical weakness in its own software, including FaceTime, Mail, iMessage and the Software Update features on its device range.
When the bug was identified, Apple released an iOS 7 update to fix the mobile problem, but the issue was still active on the latest Macs running OS X Mavericks and Mountain Lion.
Now, Apple has released the OS X Mavericks 10.9.2 update that will resolve the issue as well as bring smaller improvements to the Mail, iMessage and Safari apps. The 10.9.2 update also adds the ability to make and receive FaceTime audio calls.
The update description found on Apple’s website actually makes no reference to the “gotofail” problem it fixes, focusing on the updated features mentioned above.
However, an Apple spokesperson speaking to Forbes confirmed that the update is also to “address the recent SSL encryption issue for both Mavericks and Mountain Lion”.
Apple has been heavily criticised by the online community for waiting for the OS X update bringing new features to release the “gotofail” fix, rather than issuing an emergency fix.
The Cupertino company did not issue any warning to its users for the OS X flaw, instead leaving users to search for unofficial patches and other solutions.
It seems the update will fix all the security issues, so we advise installing the update sooner rather than later.
Read more: Apple Mac Pro 2013 review