Security experts say Apple has patched a hole that could have exposed sensitive information to hackers.
Over the weekend, a major flaw in Apple’s software for mobile devices was revealed by the company. The flaw could have potentially allowed hackers to intercept emails and other communications that are meant to be encrypted, with experts claiming that Mac computers wee even more exposed.
But experts say it’s unlikely any hackers did any damage, since the vulnerability was first disclosed when Apple released a security patch over the weekend. The patch fixes the issue in the most recent software available for iPhones, iPads and iPod Touches.
However, a fix is not yet available for the OS X software, the operating system for Apple computers.
According to analysts, hackers could have taken advantage of the flaw by accessing a mobile user’s network, via an unsecured wireless service (for example), they could then see or alter exchanges between the user and protected sites such as Gmail and Facebook. Governments with access to telecom carrier data could do the same.
Because spies and hackers will also be studying Apple’s newly released security patch, they could still develop programs to take advantage of the flaw within days or even hours.
The issue was a “fundamental bug in Apple’s SSL implementation”, Dmitri Alperovich, Chief Technology Officer at the security firm CrowdStrike, told The Guardian. Adam Langley, a Senior Engineer at Google, agreed with CrowdStrike that OS X was at risk.
Security experts have offered the following advice to Apple users: make sure your device is updated with the newly issued software before next connecting to a public wireless network. Owners of Apple computers should wait until an update is available before using it on a public network.
And if you’re already tapped into an insecure network, sign off, then perform the update. Otherwise hackers could corrupt the update as it travels to your phone.
This isn’t the first time Apple has been exposed to security risks. The company was recently stung by leaked intelligence documents claiming that authorities had a 100% success rate in breaking into iPhones.
Source: The Guardian, WSBT 22