Apple recently released iOS 7.0.6 and even an update for the iOS 6.x firmware generation in order to patch a bug related to the SSL/TLS library that could allow hackers to intercept and modify your data on secure HTTPS sessions. In other words regardless of the security a website has in place to protect private information it could still be accessible to hackers.
Although the company patched this vulnerability on iOS, however, Mac users utilizing Safari are still left in the dark.
Apple gave a statement toReuters today though saying that a fix for the Mac will be released very soon:
Apple Inc said on Saturday it would issue a software update “very soon” to cut off the ability of spies and hackers to grab email, financial information and other sensitive data from Mac computers.
Apple spokeswoman Trudy Muller told Reuters: “We are aware of this issue and already have a software fix that will be released very soon.”
The vulnerability is a result of a silly error which some have even said was intentionally introduced by Apple, to give the NSA a way to tap into the data going through secure networks. So just what was this error? Well it emerged from the portion of the code that verified the authenticity of the server was never reached.
Essentially someone on the same Wi-Fi network as you could intercept data being passed through secure websites like banking sites, payment gateways, Facebook etc. and alter it / steal your sensitive information.
Right now the only way you can safeguard yourself against this vulnerability is to take precautions like only connecting to your home Wi-Fi network (not public networks) and using 3rd party browsers like Chrome or Firefox where the bug isn’t present.