The Fix for Apple’s Scary OS X Security Flaw Is Here

Apple has prepared a fix for the scary OS X security flaw that lets somebody with “privileged access” to your network connection get at information you think is secure. It’s in the App Store now. Here’s what you need to know about the fix.

An Apple spokesperson has confirmed that the 10.9.2 update addresses SSL in OS X Mountain Lion and OS X Mavericks. The update is slow to show up in the web iTunes listing for OS X, but if you fire up the App Store on your Mac it will find the update.

S

As we told you over the weekend, the iOS and OS X security flaw leaves information protected by an SSL/TLS security layer open to peeping eyes. Basically, on affected machines, you might see that little lock in your browser search bar closed, but that wouldn’t mean that the connection between your browser and an external server is actually secure. The problem was fixed on iOS devices by version 7.0.6, which Apple pushed yesterday, but until now, there has been no fix for OS X machines.

The only indication that 10.9.2 fixes the “goto fail” flaw is a bit of preamble from the release notes.

The OS X Mavericks v10.9.2 Update is recommended for all OS X Mavericks users. It improves the stability, compatibility, and security of your Mac.

Apple’s Security Updates page hasn’t been updated to reflect the release yet, but Apple does specify that they don’t update it until they’re totally sure that the problem has been fixed. We’ll keep you posted, but in the mean time, hit the update now.

Related

Why Apple’s Recent Security Flaw Is So Scary

On Friday, Apple quietly released iOS 7.0.6, explaining in a brief release note that it fixed a bug in which “an attacker with a privileged… Read…