Apple Releases OS X 10.9.2, Fixes SSL Security Flaw and Mail Issues
Today, Apple has released an update which addresses the SSL verification issues that were found in Mac OS X.
The patch was first found in iOS and was promptly patched with iOS 7.0.6 (and iOS 6.1.6 for those who aren’t on iOS 7). When Cryptography professor Matthew Green discovered that this weakness existed in both iOS and OS X, he said:
“It’s as bad as you could imagine, that’s all I can say. Without the fix, a hacker could impersonate a protected site and sit in the middle as email or financial data goes between the user and the real site.”
The major security flaw allowed hackers to intercept email and communications that are supposed to be encrypted. Assuming the attacker had access to the same network as the mobile or desktop user, they could view and change any traffic between the user and any protected website, like Facebook or Gmail.
The update to OS X also fixes issues users were experiencing with Mail, improving the accuracy of unread messages counts in the app. The release also adds FaceTime Audio with call waiting support (for video as well) and fixes issues in Safari.
Here are some other fixes and changes included in the OS X 10.9.2:
- Adds the ability to make and receive FaceTime audio calls
- Adds call waiting support for FaceTime audio and video calls
- Adds the ability to block incoming iMessages from individual senders
- Includes general improvements to the stability and compatibility of Mail
- Improves the accuracy of unread counts in Mail
- Resolves an issue that prevented Mail from receiving new messages from certain providers
- Improves AutoFill compatibility in Safari
- Fixes an issue that may cause audio distortion on certain Macs
- Improves reliability when connecting to a file server using SMB2
- and more.
The update is now available through the Mac App Store and users are urged to update any device running OS X immediately.