Market Overview

Apple Works To Fix Security Flaw In Software

Apple Works To Fix Security Flaw In Software

A security flaw in Apple (NASDAQ: AAPL) software could allow hackers to access information on its devices.

The error was in validating secure connections with websites, which keeps others from seeing your activity on protected sites like Gmail and Facebook.

When a device connects to a website, it establishes a secure connection by having the website validate its authenticity. Without a secured connection, a hacker on the same wireless network as you could intercept your connection and read or change the data inside of it, Johns Hopkins University professor of cryptology Matthew Green told Benzinga.

That means that anyone using a shared network, like public WiFi, to access Facebook, emails or bank accounts is at risk of an attacker gaining access to that information or installing malware.

Related Here's What You Need To Know About Apple On Monday, February 24, 2014

The company released a patch and an update on February 21 for iPhones, iPads and iPod touches that fixes the security problem. The update is available for iPhone 4 and newer, fifth-generation iPod Touch and iPad 2 and newer . But Mac laptop and desktop computers running the Mac OS X operating system are still at risk.

“The impact is that, if you're traveling right now with a Mac and you use a mail app or Safari, someone could access your information,” Green said.

Apple is expected to release a software update for the OS X shortly, Reuters reports.

“We are aware of the this issue and already have a software fix that will be released very soon,” Apple spokeswoman Trudy Miller told Reuters.

Apple didn't say how or when it found the error, just that the operating system “failed to validate the authenticity of the connection” in notes released with the update.

Green said the security flaw was caused by a small coding error. A line of the authentication code was copied twice, and it caused the system to bypass the rest of it.

“It causes an unexpected issue, where a big chunk of code gets skipped and it doesn't check the connections,” Green said.

Posted-In: ForbesNews Education Rumors Psychology Tech Interview General Best of Benzinga


Related Articles (AAPL)

View Comments and Join the Discussion!
Don't Miss Any Updates!
News Directly in Your Inbox
Subscribe to:
Benzinga Premarket Activity
Get pre-market outlook, mid-day update and after-market roundup emails in your inbox.
Market in 5 Minutes
Everything you need to know about the market - quick & easy.
Daily Analyst Rating
A summary of each day’s top rating changes from sell-side analysts on the street.
Fintech Focus
A daily collection of all things fintech, interesting developments and market updates.
Thank You

Thank you for subscribing! If you have any questions feel free to call us at 1-877-440-ZING or email us at

Mid-Afternoon Market Update: JC Penney Drops as S&P Looks to Hold on Above 1800

Wedbush Maintains on Netflix, Noting Comcast's $25-50M Surcharge