Apple finally patches massive OS X security bug with Mavericks 10.9.2
While I am a Linux guy at heart, I love OS X. After all, both Apple's operating system and Linux distributions are Unix-like. While Microsoft's Windows is relatively safe nowadays, I still feel safest on OS X or Fedora. Well, at least I did feel safe. While Linux remains rock solid, OS X and iOS have been dealt a huge blow from a trust perspective.
You see, on both of Apple's operating systems, there was a massive bug discovered, which rendered SSL to be virtually worthless. The bug was an honest mistake, any programmer could have made it. However, in a company the size of Apple, with all of its billions of dollars, it should have been caught. The entire fiasco puts a spotlight on Apple's checks and balances. Even if this is a one-off oversight, perception by consumers is everything. While the fruit-logo company was (arguably) quick to patch iOS, Mac users were left in the cold. Today, Apple finally throws its users a blanket, and releases an update to patch the nasty bug.
Surprisingly, the bug-fix was not rolled out on its own, but packaged into an entire Mavericks update -- version 10.9.2. This is disappointing, as it likely delayed the bug-fix to accommodate Apple with an easier update schedule. Even if that isn't the case, like I said earlier, perception is everything; releasing the bug-fix separately could have sent a more reassuring and apologetic message.
Now that the SSL bug is fixed, Mac users can feel safer on an unknown or untrusted access point. This fix minimizes the dreaded man-in-the-middle attacks. However, it is important to remember that not everything goes over SSL. It is still best-practice to only connect to trusted and well-known WiFi.
Besides the SSL bug, Apple touts the following benefits of Mavericks 10.9.2:
- Adds the ability to make and receive FaceTime audio calls
- Adds call waiting support for FaceTime audio and video calls
- Adds the ability to block incoming iMessages from individual senders
- Improves the accuracy of unread counts in Mail
- Resolves an issue that prevented Mail from receiving new messages from certain providers
- Improves AutoFill compatibility in Safari
- Fixes an issue that may cause audio distortion on certain Macs
- Improves reliability when connecting to a file server using SMB2
- Fixes an issue that may cause VPN connections to disconnect
- Improves VoiceOver navigation in Mail and Finder
I upgraded my Hackintosh today without issue and I am happy to report that I feel safer already! On a serious note, all compatible OS X users should update ASAP. Mavericks 10.9.2 is full of both goodies and bug fixes. Facetime audio-calls is a cool feature and as everyone knows, Mail.app needs all the help it can get -- fingers crossed that my Gmail starts to work better with it.
Have you updated? Was it smooth? Tell me in the comments.