--
…And… The Fix Is Out!Apple has provided four security updates today, one of which is OS X 10.9.2 update. I'll skip Security Update 2014-001, Safari 6.1.2 update and Safari 7.0.3 update for the moment as they are not directly applicable to the SSL security flaw.
What have we here, among the several security updates in 10.9.2?
Data Security√ That's the fix for the SSL flaw, aka CVE-2014-1266.
Available for: OS X Mavericks 10.9 and 10.9.1
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.
CVE-ID
CVE-2014-1266
I'm glad that's over!
Update ASAP please! I'm off to do it myself right now.
I'll chatter about the other security updates, as well as the other security fixes in 10.9.2, a bit later.
--
No comments:
Post a Comment