[Macpartners] Apple Issues OS X Update to Address SSL Flaw
Matthew E Davies
medavies at MIT.EDU
Wed Feb 26 12:36:37 EST 2014
Hi Andrew,
>From what I can tell from chatter online and reviewing Apple's information page about the update, the specific SSL/TLS flaw only affected 10.9.0 and 10.9.1. Is that not correct?
Matt
---
Matthew Davies
IT Consultant I
DUE Desktop Support
Room 12-102
617-253-9817
medavies at mit.edu
On Feb 25, 2014, at 1:44 PM, Andrew Munchbach <amunch at MIT.EDU> wrote:
> Good Afternoon,
>
> Apple has released a critical security updated for OS X Mavericks (10.9) and Mountain Lion (10.8) to address a flaw discovered in SSL/TLS. SSL (Secure Sockets Layer) is part of the TLS (Transport Layer Security) protocol and is used to encrypt sensitive information, often in a browser, as it traverses the Internet.
>
> The flaw, as described by Apple, can provide "an attacker with a privileged network position [with the ability to] capture or modify data in sessions protected by SSL/TLS."
>
> It is recommended that all OS X users update their machines as soon as possible.
>
> Information on how to update OS X can be found on Apple's website [http://support.apple.com/kb/HT1338].
>
> Those that need assistance updating OS X should contact their local IT support liaison or the IS&T Help Desk [http://ist.mit.edu/help].
>
> A copy of this notice can be found in The Knowledge Base: http://kb.mit.edu/confluence/x/CEYYCQ
>
>
> Regards,
> Andrew
> --
> Andrew Munchbach
> Network Security Analyst
> Massachusetts Institute of Technology
> IS&T | Operations & Infrastructure | Security Operations
> security at mit.edu
>
> http://ist.mit.edu/secure
>
>
More information about the Macpartners
mailing list