Site icon IT World Canada

Apple says fix for Mac encryption flaw coming soon

Following the release of a fix for a major security flaw in its iPhone and iPad mobile devices Apple Inc., said it is also working on solution for desktop and notebook devices running on Mac OS X that were affected by the same vulnerability.

Last Friday, Apple released a remedy for its affected mobile devices. After that release, experts discovered that the same vulnerability could also be found in the operating systems of Apple’s computers.

The flaw acts as a backdoor that enables hackers to steal email, financial information and other sensitive data from the computers. The flaw has been present for months, leading some people believe the flaw was missed due to inadequate testing by Apple, while others said it could have been intentionally introduced into the device by a rogue engineer or a spy.

 

In an email to the newswire service Reuters, Trudy Muller, Apple (NASDAQ:AAPL) spokesperson, said the company is “aware of the issue and already have a software fix that will be released soon.”

The flaw stems from the way the OS recognizes the digital certificates used by sites such as Google’s Gmail service and banking sites in order to establish an encrypted connection.

A line in the program and an omitted bracket caused the digital certificates to not be authenticated. This makes it possible for hackers to impersonate the Web site that a user wants to connect to and allows the hacker to intercept electronic traffic.

Using the flaw, hackers can also insert malicious Web links to emails that would enable them to control the target computer.

Read the whole story here

 

 

Exit mobile version