Apple fixes Critical Security flaw in Macs with OS X 10.9.2
Last month, Apple has released a small update to iOS, patching a security vulnerability. Just like how Mac and iOS share a lot of things, it turns out they share this vulnerability too.
The bug is now patched in OS X too. Along with the bug fix, 10.9.2 brings FaceTime Audio to Mac and more.
If you got a Mac running Mavericks, update to 10.9.2 right now. Why is it so serious? Read on.
The bug lies in SSL protocol implementation on iOS and Mac devices. It lets an attacker to track and modify data exchanged in sessions protected by SSL.
So let's say you're connected to a public Wi-Fi hotspot and are doing a bank transaction (HTTPS) – an attacker can use a network analyser (like Wireshark) and decode packets of data that are being transmitted. This is a huge flaw.
It seems, the bug is a result of single bad 'goto' line. Check out this Wired article for in depth analysis on this silly bug.
Bug fix aside, OS X 10.9.2 finally brings FaceTime Audio for Mac. Ideally, FaceTime Audio should have been included in Mavericks itself, but it didn't. iMessage app now has a 'blocked' list allowing you to block messages from people.