Apple has started fixing its multiday security flaw that left several OS X Mac users vulnerable to hacks and account hijacks.
Apple has rolled out an update to OS X Mavericks, the latest operating system for Mac computers, to address the multiday security vulnerability that left millions of users exposed to hackers. The system software update, which brings the version to 10.9.2 for OS X Mavericks, is strongly recommended for all OS X users, without which an attacker can capture or modify data or private communications sent over Apple devices, including emails, IMs and even bank transactions.
The security flaw in Apple devices running the latest operating system came to light when Apple released the security patch for iPhones and other mobile devices running iOS7, last Friday. The update fixed an SSL or Secure Sockets Layer encryption vulnerability, which is regarded as one of the most basic type of encryption for online activities. But millions of OS X Mavericks users were left in the dark for more than four days.
In a detailed note Apple noted the data security flaw and described the update to fix the security vulnerability by restoring missing validation steps.
Ryan Lackey, a longtime Apple user who founded CryptoSeal, also shared the news of the software update on Twitter.
Whoever at Apple decided to wait 4+ days for 10.9.2 to patch the OSX vulnerability needs to no longer be in that position.
- Ryan Lackey (@octal) February 24, 2014
The SSL encryption flaw did not affect third party software that is independent of Apple's custom SSL/TLS like the Google Chrome and Firefox browser, CNET reports. The latest update also brings other changes to the widely adapted OS for Macs. The update document lists all changes to OS X Mavericks after the 10.9.2 update.
The software update is rolled out for both Mavericks and Mountain Lion versions of OS X. The older versions of the desktop operating systems were not affected with the security flaw, Apple spokeswoman told CNNMoney.
