Apple has previously released an SSL security vulnerability on Apple OS X and iOS, which has previously been fixed on the iOS system, and now Apple has launched the OS X 10.9.2 official version to fix the vulnerability, and today Mac APP The store has officially pushed updates to the user.
According to previous media reports, this SSL and the operating system of a specific line of code-related, the attacker can directly bypass the SSL/TLS authentication route, so that the OS X users are attacked by the intermediate link. Specifically, even if the Secure Sockets Layer (SSL) and Transport Layer Security Protocol (TLS) function properly, the Web site will not be protected by the vulnerability of Apple devices when they are connected. This vulnerability could allow hackers to bypass the authentication system when accessing the same network as users, and to steal all communication records from users and online services such as banks. If a user uses a shared wired or wireless network, an attacker would be able to intercept traffic on compromised computers, obtain sensitive information such as user names and passwords, or inject malicious software into it.
This SSL security vulnerability was first introduced into the iOS system in 2012, but only for Mac computers with OS X 10.9 systems installed. Users who use the OS X "Lion" and "Mountain Lion" systems are not affected.
In fact, the OS X 10.9.2 system has already launched a beta version last December, and then released 7 Beta updates, the launch of this formal version of the Emergency repair of the SSL vulnerability, but also added some new features and performance improvements, This is particularly noticeable in the FaceTime and messagers applications in the addition of FaceTime audio calls, FaceTime call waiting function. Previously this functionality was limited to iOS devices, and after the official release of OS X 10.9.2, users could use call waiting for FaceTime audio and video calls. Users of imessages information can also choose to block.
The full update of this OS X 10.9.2 official edition reads as follows:
Ability to dial and receive FaceTime audio calls
Fixed security vulnerabilities that allow hackers to bypass SSL/TLS validation
FaceTime audio and Video call support call waiting
Imessages Information Increase blacklist interception function
Improve the stability and reliability of the mail program
Increased the accuracy of unread messages in the mail program
Fixed a problem where a message could not accept new mail from some service providers
Fixed the mail and finder's voiceover navigation features
Fixed a problem that could cause audio distortion in some Mac models
Improved reliability when connecting to a file server using SMB2
Improves the compatibility of the auto Fill feature in Safari browser
Improve the installation efficiency of the Mavericks
Fixed a problem that could cause a VPN connection to disconnect
It is also noteworthy that, according to the news from Apple's official technical support forum, the previous manual update of OS X 10.9.2 user feedback has affected the normal use of the original airplay mirroring function after the new system has been upgraded and has more than one impact. Depending on the user feedback that has been upgraded, the "AirPlay mirroring" option is no longer available in the AirPlay menu, or when the Mac is connected to Apple TV and the digital content is played, only audio appears and does not see the screen. In addition, some users with airplay display have found resolution error, frame rate is too low, the mouse occasionally freezes, video can not play and so on. According to the feedback users, the problem is mostly the old Mac devices.
In addition, in addition to airplay, there are other users found a number of new problems, including the crash of the mail system, page up and down cotton, Safari crash, and 2013 of the MBP system in the wake of the crash, card dead or black screen phenomenon. I hope Apple will be able to fix these problems in the next version of the system as soon as possible.