Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

+ - Apple SSL Bug Also Affects OSX

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "The certificate-validation vulnerability that Apple patched in iOS yesterday also affects Mac OS X up to 10.9.1, the current version. Several security researchers analyzed the patch and looked at the code in question in OS X and found that the same error exists there as in iOS.

Researcher Adam Langley did an analysis of the vulnerable code in OS X and said that the issue lies in the way that the code handles a pair of failures in a row. The bug affects the signature verification process in such a way that a server could send a valid certificate chain to the client and not have to sign the handshake at all, Langley found.

Some users are reporting that Apple is rolling out a patch for his vulnerability in OS X, but it has not shown up for all users as yet. Langley has published a test site that will show OS X users whether their machines are vulnerable."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Apple SSL Bug Also Affects OSX

Comments Filter:

Economists state their GNP growth projections to the nearest tenth of a percentage point to prove they have a sense of humor. -- Edgar R. Fiedler

Working...