Apple issues fix for glaring security flaw on Mac computers

SAN FRANCISCO Wed Feb 26, 2014 2:23am IST

Daniel Kottke, a member of the original Apple Macintosh design team and the first Apple employee, wears a Macintosh pin before participating in an event celebrating the 30th anniversary of the Macintosh in Cupertino, California January 25, 2014. REUTERS/Stephen Lam/Files

Daniel Kottke, a member of the original Apple Macintosh design team and the first Apple employee, wears a Macintosh pin before participating in an event celebrating the 30th anniversary of the Macintosh in Cupertino, California January 25, 2014.

Credit: Reuters/Stephen Lam/Files

Related Topics

Stocks

   

SAN FRANCISCO (Reuters) - Apple Inc (AAPL.O) has issued fixes for a security flaw in its Macintosh computers that allows hackers to intercept data such as email, patching a major and embarrassing glitch that came to light several days ago.

The security update for users of Apple's OS X computer operating software follows a fix issued for iPhones last week, meaning all Apple device users now have access to the patch.

The flaw allowed attackers with access to a mobile user's network, such as a shared unsecured wireless service offered by a cafe, to see or alter exchanges between the user and protected sites such as Google Inc's (GOOG.O) Gmail or Facebook (FB.O).

Governments with access to telecom carrier data could do the same, experts said.

On Tuesday, Apple said in a statement that the Mac security update also improved features such as its FaceTime videoconferencing service and email.

The flaw appeared related to the way in which well-understood protocols were implemented, and how Apple's software recognizes digital certificates used by websites to establish encrypted connections.

Researchers have said the bug could have been present for months. Apple has not said when or how it learned about the flaw in the way iOS handles sessions, in what are known as secure sockets layer (SSL) or transport layer security. Nor has it said whether the flaw was being exploited.

A spokesman for the company declined to comment on Tuesday.

(Reporting by Edwin Chan; Editing by Richard Chang)

FILED UNDER:

Tech Roundup

Reuters Showcase

Sahara Saga

Sahara Saga

Some staff say Sahara has not paid salaries for months   Read 

Killer Unmasked

Killer Unmasked

'Jihadi John' killer from Islamic State beheading videos unmasked as Londoner.  Full Article | Video 

Economic Survey

Economic Survey

India in "sweet spot" of lower deficits, more growth - Economic Survey.  Full Article 

Movie Review

Movie Review

"Ab Tak Chhappan 2" is a futile film: Shilpa Jamkhandikar  Full Article 

DLF Penalty

DLF Penalty

DLF says reviewing $8.4 million SEBI penalty.  Full Article 

Fresh Charges

Fresh Charges

Canadian woman accuses Bikram yoga founder of sexual assault.  Full Article 

Maid Abuse Case

Maid Abuse Case

Hong Kong woman jailed for six years for abusing Indonesian maid.  Full Article 

World Cup 2015

World Cup 2015

Full coverage of cricket world cup in Australia and New Zealand.  Full Coverage 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage