{"id":3223,"date":"2014-02-23T12:38:19","date_gmt":"2014-02-23T17:38:19","guid":{"rendered":"http:\/\/kasperskydaily.com\/uk\/?p=3223"},"modified":"2020-02-26T15:08:37","modified_gmt":"2020-02-26T15:08:37","slug":"critical-ios-macos-bug-can-can-expose-your-confidential-data-update-now","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/critical-ios-macos-bug-can-can-expose-your-confidential-data-update-now\/3223\/","title":{"rendered":"Critical iOS, MacOS bug can can expose your confidential data, update now"},"content":{"rendered":"

On Friday, Apple released an urgent update to iOS 6 and 7. The only fix in the update is well worth bothering yourself with the update process, and doing it as soon as possible.<\/p>\n

The description of the issue, as stated by Apple itself \u2013 \u201can attacker with a privileged network position may capture or modify data in sessions protected by SSL\/TLS\u201d. To put it simply, when you do your online banking or Gmail mailing or Facebook chatting on the public Wi-Fi network<\/a> (e.g. at the airport or cafe), any skilled guy around can read and modify your data, even though you see that small lock in Safari, indicating that your session is protected with encryption. It\u2019s important to mention that the vulnerability affects almost any application, not only the web browser. No wonder Apple rushed to push this update.<\/p>\n

The security community spent this weekend trying to figure out the nature of the vulnerability. A technical analysis is available here<\/a>, however the most important finding is \u2013 that MacOS is affected too. Apple hasn\u2019t released the MacOS patch as of now, but we really expect to see it very soon.<\/p>\n

What to do:<\/p>\n