S&P 500
7,226.20
+0.01%
Dow Jones
49,494.60
-0.62%
Nasdaq 100
27,685.40
+0.66%
Russell 2000
2,804.78
-0.02%
FTSE 100
10,364.50
0.00%
Nikkei 225
59,260.50
-0.78%

Consumer Electronics

Apple Takes Low-Key Approach to Fix Major Security Flaw

Photo of Paul Ausick
By Paul Ausick Updated Published
Follow 24/7 Wall St. on Google
This post may contain links from our sponsors and affiliates, and Flywheel Publishing may receive compensation for actions taken through them.

Apple_store_sign
JoeInQueens, via Wikimedia Commons
Apple Inc. (NASDAQ: AAPL) posted patches to its iOS mobile operating systems on Friday to fix a hole in iOS 6 and iOS 7 that would have allowed “an attacker with a privileged network position [to] capture or modify data in sessions protected by SSL/TLS.” The secure transport layer “failed to validate the authenticity of the connection.” Apple has fixed the problem by “restoring missing validation steps.”

This is a pretty big deal. It means that an attacker could intercept communications from an iPhone that was meant to be encrypted. Let’s say the attacker had access to the same network over an unsecured WiFi connection in a coffee shop or restaurant. He could impersonate a protected site such as Facebook or Gmail and alter any data passed between the iPhone and the site. The worse news for Apple is the its desktop operating system, OS X, is perhaps even more exposed to attack.

Given the severity of the potential damage, Apple has taken a low-key approach to notifying users of the harm to which they are exposed. The company has pushed a patch to iPhone users, but the company’s note says only, “This security update provides a fix for SSL connection verification,” and contains a link to a page on Apple’s support site. The update gives no sense of urgency about installing the patch.

This has to be embarrassing for Apple. SSL (secure socket layer) has been around for about 20 years and implementing it properly should be a no-brainer for a company like Apple. Perhaps that is why the company’s response has been so low-key.

Photo of Paul Ausick
About the Author Paul Ausick →

Paul Ausick has been writing for a673b.bigscoots-temp.com for more than a decade. He has written extensively on investing in the energy, defense, and technology sectors. In a previous life, he wrote technical documentation and managed a marketing communications group in Silicon Valley.

He has a bachelor's degree in English from the University of Chicago and now lives in Montana, where he fishes for trout in the summer and stays inside during the winter.

Featured Reads

Our top personal finance-related articles today. Your wallet will thank you later.

A 70-Year-Old With $1.4 Million Faces a $62,000 RMD That Pushes Him Into a Higher Tax Bracket
Drew Wood |

A 70-Year-Old With $1.4 Million Faces a $62,000 RMD That Pushes Him Into a Higher Tax Bracket
A Couple's $1.2 Million Portfolio Faces a 3.9% Withdrawal Rate That Feels Safe but Is Not
Drew Wood |

A Couple's $1.2 Million Portfolio Faces a 3.9% Withdrawal Rate That Feels Safe but Is Not

Continue Reading

How Cybersecurity Looks After Apple Privacy Fight
Chris Lange |

How Cybersecurity Looks After Apple Privacy Fight

Cybersecurity and personal rights have been the center of attention this week, with Apple Inc. (NASDAQ: AAPL) opposing a court…
What’s Up With Apple: Today’s the Day, Another Pegasus Patch, and More
Paul Ausick |

What’s Up With Apple: Today’s the Day, Another Pegasus Patch, and More

Apple's eagerly anticipated introduction of a new iPhone and, perhaps, other products is happening today at 1:00 p.m. PT, just…
What’s Up With Apple: NSO Lawsuit, ID Software Delay and More
Paul Ausick |

What’s Up With Apple: NSO Lawsuit, ID Software Delay and More

Apple has filed a lawsuit against NSO Group seeking to stop the Israel-based company from installing its spyware program on…
Paul Ausick |

What’s Up With Apple: 5G Real-World Speeds, Security Updates for Older iPhones, New iOS 14.5 Beta

Mobile network performance monitor Opensignal has new data on iPhone 5G performance in the real world.
Douglas A. McIntyre |

The Ten Huge Networks Hackers Will Target Next

The Sony PlayStation Network hack apparently exposed personal information, including credit card data, for 77 million people. It is a…
What’s Up With Apple: iPhone Security Patches, DIY NFT, and More
Paul Ausick |

What’s Up With Apple: iPhone Security Patches, DIY NFT, and More

Apple has released a patch for its mobile devices to plug a hole that could allow malware to be installed…
Douglas A. McIntyre |

Hackers To Hit Apple iPhone, Google Android Handsets Next Year

Roel Schouwenberg of Kaspersky Lab Americas made a number of either intemperate or prescient comments to USA Today. It may take a…
What’s Up With Apple: Apple Pay Hack, China iPhone Sales and More
Paul Ausick |

What’s Up With Apple: Apple Pay Hack, China iPhone Sales and More

A flaw in Apple Pay on iPhone could allow a thief to make large, unauthorized payments if a Visa card…
What’s Up With Apple: Fixes for New Hack, Record Sales in India, Earnings on Tap
Paul Ausick |

What’s Up With Apple: Fixes for New Hack, Record Sales in India, Earnings on Tap

Apple has released software updates to fix a nasty bug in the operating systems of all its devices. Record sales…

Top Gaining Stocks

Cboe Global Markets
CBOE Vol: 1,568,143
New Pluto Global
PSKY Vol: 12,285,993
Seagate Technology
STX Vol: 7,378,346
Oracle
ORCL Vol: 26,317,675
Datadog
DDOG Vol: 6,247,779

Top Losing Stocks

LKQ
LKQ Vol: 4,367,433
Clorox
CLX Vol: 13,260,523
Stryker
SYK Vol: 4,519,455
Mohawk Industries
MHK Vol: 1,859,865
Amgen
AMGN Vol: 3,818,618