You know it’s bad when my own mother calls me to find out about the latest patch. Mom rockin’ technology, but she’s not exactly the super-user. That being said, she succinctly pointed out that there was a vulnerability she’s heard about and perhaps a patch she would need to download. Luckily for her, it was as easy as checking for software updates and applying it. No messiness or research required. So what was it that warranted an immediate patch all it’s own?
A bug that affects SSL/TLS is a big deal, so good move Apple! SSL/TLS refers to encryption protocols that are widely and commonly used to encrypt the transmission of sensitive data. Any bug affecting SSL/TLS has the ability to undermine many, if not all, of the secure transmissions made from your devices. It pretty much leaves you wide open while you’re browsing. Site use genuine and authenticated (by an authority) certificates that your browser recognizes. One stray line of code stopped this process. The result of this code is the portion where the server’s signature is validated never gets executed. The number of different core Apple products and third-party apps that send and receive across these channels is high, so the problem was a big one. The update has successfully plugged that hole.