OK, I noticed about a third to one half of my audience reads this blog on iOS devices and Macs. I guess it makes sense since no Windows users will be interested in these 'On the Mac' series of articles. If you have not notice already, Apple quietly releases iOS 7.0.6 and 6.1.6 over the weekend to address a vulnerability in the underlying SSL implementation framework.
My advice to all of you : Just Patch It. If you have iOS 7, upgrade now to 7.0.6 and likewise if you iOS 6, upgrade to 6.1.6. The vulnerability is serious enough for Apple to warrant a standalone iOS release, even for iOS 6. Apparently, iOS 5 is not affected. More information at HT6147.
It has also been discovered that the same vulnerability exists on Mavericks. There is no patch at this point from Apple so you have to stay tuned for updates as to when this patch will be made available. Meanwhile, you can try to mitigate the risk by not hooking up to public Wifi systems (where the exploits are most easily executed). Perhaps you can just use FireFox or Chrome for now until Safari is fixed.
Update : Apple has rolled out Mavericks 10.9.2 which contains the fix for the TLS/SSL vulnerability.
No comments:
Post a Comment