Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extremely critical crypto flaw in iOS may also affect fully patched Macs


  • Please log in to reply
3 replies to this topic

#1 Genex17

Genex17

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 AM

Posted 23 February 2014 - 10:16 PM

http://arstechnica.com/security/2014/02/extremely-critical-crypto-flaw-in-ios-may-also-affect-fully-patched-macs/

 

Just in. For OSX, it's a good idea to stay away from Safari and go with Firefox or Chrome, and of course keep critical tasks like banking off public wi-fi until a fix is released.

 

Gene


Edited by Genex17, 23 February 2014 - 10:17 PM.


BC AdBot (Login to Remove)

 


#2 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:46 AM

Posted 24 February 2014 - 12:41 AM

Here is another article on the topic. This article has another test site to test to see if you are vulnerable (the test site in this article gives a better explanation…i.e. is easier to understand whether you are safe or not).

http://www.macrumors.com/2014/02/22/os-x-ssl-vulnerability/

According to both test sites (the one in this article and the one you lined to), it appears that the vulnerability does not exist in Mac OS 10.8.5 (aka Mountain Lion) running Safari 6.1. I have not yet tested my Mac still running Lion yet. So, it appears it might be a vulnerability that was potentially introduced in Mavericks.

#3 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:46 AM

Posted 24 February 2014 - 12:50 PM

Tested it on my Mac running Lion (10.7.5) with Safari 6.1.1 and it is supposedly fine (i.e. no vulnerability).

So, it appears that if it affects the Mac OS, then it appears it might be limited to 10.9.x.

#4 Genex17

Genex17
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 AM

Posted 26 February 2014 - 04:45 AM

10.9.2 released Tuesday, Feb 25th. gotofail checks the Safari connection as Safe.  So looks as if this case is closed.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users