freak-fix

Apple has pushed security updates to both iOS and OS X, ending their vulnerability to the FREAK exploit which allowed hackers access to personal data during encrypted sessions on a number of major websites. Android and Windows devices were also vulnerable.

At the time the exploit was discovered, affected websites included American Express, Airtel, Bloomberg, Business Insider, Groupon, Marriott and, ironically, the FBI, NSA and White House sites. Hackers could force the sites to use a less-secure form of encryption that could be relatively easily cracked. Apple’s fix prevents iOS and OS X from using the lower level of encryption even if the site requests it.

The fix is included in iOS 8.2, released yesterday. iOS 8.2 added support for the Apple Watch, improved the Health app and fixed a number of bugs, including an SMS reboot. It was also rolled into today’s Apple TV 7.1 update. The OS X fix is available as a standalone software update. From the Apple menu, select App Store then the Updates tab; a restart is required.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy's favorite gear