A serious flaw in network security affecting iOS devices and Mac computers was made public on February 21. Apple has since issued patches for both iOS 7 and OS X which we recommend all users install immediately.
Known as the ‘gotofail’ bug after a problematic command found in the operating systems’ code, a security flaw in iOS and OS X could allow a third-party to intercept data being sent over what would ordinarily be a secure Internet connection (SSL/TLS). The hacker would then be able to alter this data, access personal details, and inject malware.
A potential scenario for these ‘man-in-the-middle’ attacks would be while a user is connected to public WiFi in a cafe, train station, airport, etc. and accessing a web service which requires a login such as Gmail, Facebook, e-commerce or online banking.
Check now to see if your device is vulnerable by visiting the gotofail.com website.
At time of writing, patches are available for iOS 7 and OS X Lion (10.7), Mountain Lion (10.8), and Mavericks (10.9)
To update your iPhone or iPad, go to Settings > General > Software Update and follow the on-screen prompts.
To update your Mac, go to the Apple () menu in the top-left corner of your screen and select Software Update.
Further Details
- About the security content of iOS 7.0.6 (Apple)
- About the security content of OS X Mavericks v10.9.2 and Security Update 2014-001 (Apple)
- List of all recent Apple security updates
- And for the programmers out there – a breakdown of the gotofail source code by a Google engineer
About Us
We specialize in the setup, customization, and maintenance of IT for international businesses in Tokyo and have over 10 years experience in using Apple hardware and software for business.
If you have any concerns about deploying Macs or iOS devices in your Japan-based organization contact us for a free quote on our IT Management and IT Admin & Support solutions.