large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Apple OS X “gotofail” security bug fixed with new update

Apple has released an OS X update that fixes the large security vulnerability dubbed “gotofail” identified last week.

The “gotofail” security flaw stemmed from an incorrect line of code and caused certain Mac, iPhone and iPad apps to be susceptible to hackers.

Potentially, the flaw enabled hackers to pose as a trusted service or website and was deemed “seriously exploitable” by Johns Hopkins cryptographer Matthew Green when it was discovered.

The flaw exposed a critical weakness in its own software, including FaceTime, Mail, iMessage and the Software Update features on its device range.

When the bug was identified, Apple released an iOS 7 update to fix the mobile problem, but the issue was still active on the latest Macs running OS X Mavericks and Mountain Lion.

Now, Apple has released the OS X Mavericks 10.9.2 update that will resolve the issue as well as bring smaller improvements to the Mail, iMessage and Safari apps. The 10.9.2 update also adds the ability to make and receive FaceTime audio calls.

The update description found on Apple’s website actually makes no reference to the “gotofail” problem it fixes, focusing on the updated features mentioned above.

However, an Apple spokesperson speaking to Forbes confirmed that the update is also to “address the recent SSL encryption issue for both Mavericks and Mountain Lion”.

Apple has been heavily criticised by the online community for waiting for the OS X update bringing new features to release the “gotofail” fix, rather than issuing an emergency fix.

The Cupertino company did not issue any warning to its users for the OS X flaw, instead leaving users to search for unofficial patches and other solutions.

It seems the update will fix all the security issues, so we advise installing the update sooner rather than later.

Read more: Apple Mac Pro 2013 review

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.