Update: Apple says an OS X fix is coming soon.
Yesterday Apple released iOS update 7.0.6 alongside new builds for iOS 6 and Apple TV that it said provided “a fix for SSL connection verification.” While Apple didn’t provide much specific information on the bug, it wasn’t long before the answer was at the top of Hacker News. It turns out that minor security fix was actually a major flaw that could in theory allow attackers to intercept communications between affected browsers and just about any SSL-protected site. Not only that, but the bug is also present in current builds of OS X that Apple has yet to release a security patch for.
Researchers from CrowdStrike described the bug in a report:
“To pull off the attack an adversary has to be able to Man-in-The-Middle (MitM) network connections, which can be done if they are present on the same wired or wireless network as the victim. Due to a flaw in authentication logic on iOS and OS X platforms, an attacker can bypass SSL/TLS verification routines upon the initial connection handshake. This enables an adversary to masquerade as coming from a trusted remote endpoint, such as your favorite webmail provider and perform full interception of encrypted traffic between you and the destination server, as well as give them a capability to modify the data in flight (such as deliver exploits to take control of your system),”
Adam Langley, a senior software engineer at Google, also wrote about the flaw on his blog ImperialViolet and created a test site to check if you have the bug (pictured above):
Since this is in SecureTransport, it affects iOS from some point prior to 7.0.6 (I confirmed on 7.0.4) and also OS X (confirmed on 10.9.1). It affects anything that uses SecureTransport, which is most software on those platforms although not Chrome and Firefox, which both use NSS for SSL/TLS. However, that doesn’t mean very much if, say, the software update systems on your machine might be using SecureTransport….
I coded up a very quick test site at https://www.imperialviolet.org:1266. Note the port number (which is the CVE number), the normal site is running on port 443 and that is expected to work. On port 1266 the server is sending the same certificates but signing with a completely different key. If you can load an HTTPS site on port 1266 then you have this bug.
The updates Apple released for iOS yesterday are expected to fix the issue and Langley confirmed as much, but OS X 10.9.1 remains at risk. A test site to check if you have the bug is here.
Some users also report that Apple’s latest developer build 10.9.2 is still vulnerable:
Latest Apple 10.9.2 developer build still vulnerable to SSL bug at least via the @agl__ checker. Booting to windows for the duration.—
Ryan Lackey (@octal) February 22, 2014
Apple is yet to comment directly on the situation or provide an ETA on an incoming fix for OS X users.