2 Critically Important Things Every Apple User Must Do This Weekend

Mar 1, 2014 - 18 Comments

apple-security

Two hugely important software security updates have been released for many Apple devices recently, and if you haven’t updated your software to the latest versions yet, you really should do it while you have some free time this weekend. Do this for all of your own Apple hardware, do this for your parents Macs, grandparents iPads, aunts iPhone, uncles iPod, cousins SE/30 (just kidding), everyone who owns an Apple device needs to update all of their operating systems to a patched iOS or OS X version as soon as possible.

For those who missed it, the security updates are aimed at plugging the SSL/TSL security flaw that was uncovered a few weeks ago, which leaves nearly every recent Mac, iPhone, iPad, or iPod touch vulnerable to the following potential situation we described here:

“… an attacker could use this [security] flaw to intercept data, like email, passwords, banking information, communications, basically anything, if the attacker is on the same network as you, or is otherwise able to get between your computer and a remote server.”

That’s bad, but here’s what’s good; there are updates available for nearly every one to prevent this exploit being used against them.

Got a Mac? Update to OS X 10.9.2 or the Security Update

First things first: Back up your Mac with Time Machine before installing any system software update. It’s always unlikely for something to go wrong, but making a backup takes a few seconds and can prevent a world of frustration in the odd event something goes haywire in the update process (even something unexpected like a power outage mid-update can lead to a broken OS X installation)

Backed up? Good, now go to the  Apple menu and head to “Software Update” to install the update available to you, it will be one of the following, depending on your version of OS X:

  • OS X Mavericks users can update to OS X 10.9.2 through Software Update
  • OS X Mountain Lion (10.8) users will find the “Security Update 2014-001 (Mountain Lion)” available under Software Update
  • OS X Lion (10.7) users will find the “Security Update 2014-001 (Lion)” available from Software Update

Mac users running OS X Snow Leopard won’t find any updates available for them, but that’s because Snow Leopard is not vulnerable to the SSL / TSL bug. In other words, 10.6 is safe from this specific security flaw, despite the load of erroneous hysteria in many other tech publications about Apple ‘dropping support’ for Snow Leopard and leaving them vulnerable. This can be confirmed by any Mac running Snow Leopard using Safari to visit the GoToFail test website.

For Mavericks users, installing OS X 10.9.2 also has nice perks, like resolving the final Mail problems that many Mac users had encountered, and there’s even a few new features added to OS X, like the ability to block iMessages from the Mac.

Those interested can read the release notes of OS X 10.9.2, and one of our readers was nice enough to paste the entire detailed security notes in the comments as well.

Can’t update quite yet for some reason? You really need to do so as soon as you can, whatever your version of OS X, but if you have some reason why you can’t update quite yet follow these basic protection tips in the meantime (for everyone else, it’s good advice to follow in general).

Got an iPhone, iPad, or iPod touch? Update to iOS 7.0.6

Before anything else, back up your iPhone or iPad before beginning, you can back it up to iCloud or iTunes, or both. Just don’t forget to back up first. iOS updates usually go without a hitch, but it’s not completely unheard of to wind up with a ‘bricked’ device after installing a minor update, and a backup lets you recover from that situation in minutes rather than hours.

With a fresh backup handy, update directly by going to Settings > Software Update and installing the latest version available. This is known as “OTA” or Over-The-Air updating, and the device needs to be on a wi-fi network to accomplish this.

Advanced users can also go the manual route and download the iOS 7.0.6 IPSW.

Yes, even jailbreakers should update their devices too you can read more about the evasi0n jailbreak for 7.0.6 here.

For nearly everyone, the iOS 7.0.6 update goes without a hitch, but if you have an experience like my iPhone 5 or some of our readers, and happen to experience some truly unusual reduction in battery life post-install, you’ll find the rapid battery draining issue is easily resolved with this simple trick.

Got an Apple TV? An update is available to plug the security hole for you too, found in Settings > Software Update.

Whatever your Apple device, do not leave yourself vulnerable to malicious individuals, update to the patched iOS or OS X version as soon as possible.

Enjoy this tip? Subscribe to the OSXDaily newsletter to get more of our great Apple tips, tricks, and important news delivered to your inbox! Enter your email address below:

Related articles:

Posted by: Paul Horowitz in iPad, iPhone, Mac OS X, Security

18 Comments

» Comments RSS Feed

  1. Robert D. says:

    Unfortunately, the OS X 10.9.2 update has not fully resolved my issues with the Mail app and gmail.

  2. Jonathan says:

    I still have iOS 6.0.3 installed on my iPad (iPad3,5). I won’t update to iOS 7. iOS 7’s design is ugly.

    What could happen?
    I never do something security related, except Mail, but as I’ve enabled the CRAM-MD5 feature, a MITM could only see a MD5 hash

    • Jonathan says:

      Dunno why this site has inserted a smiley into this comment. Please remove it.

    • GordyUK says:

      You’re not going to be able to hold back from ios7 forever so you may as well suck it up now and get the security update. I’m using 7.1.6 as a beta tester and i promise you it does get better

  3. Howie Isaacks says:

    Mail seems to be greatly improved by the 10.9.2 update. I don’t use Gmail, so I can’t speak about whether Gmail issues have been resolved or not. Gmail does not use standard IMAP folders, so that could be the root cause of its problems with Mail.

  4. Jim Moore says:

    I updated to IOS 7.0.6 from IOS 7.0.4 and my Airprint to my Epson 3540 printer no longer worked on my iPad. My Epson IPrint App will print. My wife is still on IOS 7.0.4 on her iPad and her Airprint continues to print to the Epson 3540. Any ideas on how to resolve or how to return my iPad to 7.0.4? Thanks.

  5. Joel Gold says:

    Follow this: I’m hanging tight with Snow Leopard on my MacBook Pro, and I like iTunes v10.7. I also have an iPod Touch 4G, which is still running iOS 5. On the iPod, I WOULD like to update to iOS 6. But, as I suspected and was confirmed by my tech, if I updated the iPod to iOS 6 it would no longer synch with iTunes on my MacBook unless I (would be forced to) also update iTunes to v11. Why is it such a big deal for Apple to support whatever combination of OS, iOS and software versions a user choses to work with?

    • matt says:

      the code and way the portage in reacts with the os and and the iOS inter ate with iTunes change ech verizon of software

  6. Mark Ross says:

    Mail wasn’t so much of a concern to me as was (is) the instability of the Mavericks OS. Sometimes everything just crawls on my Mac where it used to be pretty peppy.

    Did they TEST this piece of garbage before they released it?

    If Microsoft had done this, we’d be seeing smoke and flames in the Seattle/Bellevue area. But, it was Apple, so I guess it’s ok. Well it’s NOT ok with me. I have always expected better from Apple than this.

    • PH says:

      I agree, Mavericks shipped feeling like a beta and 10.9.1 didn’t help anything really. OS X 10.9.2 on the other hand, feels like the version that should have shipped from the get-go. It’s not perfect, but it’s so much better than it was. Don’t delay the update.

      • Doctor X says:

        Or . . . you could just stick with 10.8.5 and avoid the slow-downs, crashes, and failure of basic programs working.

        I agree with Mark that this is practically a satire of M$ updates except it is real.

  7. Dave says:

    These critical security issues need to be addressed for older devices that can’t run IOS 7. My iPhone 4 can’t load 7. Why does apple leave its users high and dry?

  8. Iris says:

    I sweated like a… to fix my mail app, it was nightmare but finally working. D
    Does anyone had his mail back to “non working” mode after upgrade?

  9. MacMaster2014 says:

    “My iPhone 4 can’t load 7. Why does apple leave its users high and dry?

    Because you have not fed them enough lately. You need to open up that wallet of yours and feed them some greenbacks and in return you will have a nice shiny new iPhone to tide you over until you starve them again.

  10. Guest says:

    Just a note: iOS 6.1.6 is available to resolve the SSL connection verification problem on devices that do not support iOS 7, like 4th generation iPod touches.

    I suggest this be added to the main post to inform users that use such devices.

  11. Ignite Mindz says:

    Does anyone have any insight on whether this still affects Snow Leopard machines?

Leave a Reply

 

Shop for Apple & Mac Deals on Amazon.com

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates