Apple releases major bug fix for iOS, iPhone, iPad

By Nico Zulli
Reporter

Apple users should update any iOS software as soon as possible because personal information is at serious risk of being stolen by hackers.

Apple Inc. informed the public this past Friday of a security issue that poses a threat to all iOS devices, including iPhones, iPads and Macintosh computers.

“There was a bug in the SSL, which is known as the Secure Socket Layer,” said Micah Lamb, ITS assistant director of systems support. “Basically, this means a glitch in the code, which is supposed to go through a series of ‘security checks’ when you perform a transaction of information between your browser and server. But with this bug, the system no longer performs these checks and leaves information vulnerable.”

This vulnerability on personal and public devices is particularly dangerous because any transaction of information on public Wi-Fi allows hackers to access sensitive user data.

While Baylor students, faculty and staff are fortunate to be at less risk because they are navigating on a more heavily secured campus network, any information transactions on public Wi-Fi off-campus may still place them at risk.

“ITS is already working to update all Baylor-owned machines around campus with these bug fixes, and there are a lot,” he said. “But we cannot do anything about personal devices. Baylor students, faculty and staff are responsible for updating their personal devices, which are vulnerable as well.”

Apple released updates, or patches, to fix the bug on the iPhone and iPad on Saturday. An update for Mac OSX was just released around noon Tuesday to fix the bug.

“I recommend that everyone run an update check on their personal devices and keep doing so until the software is completely up-to-date,” Lamb said.

Lamb also said users can navigate to the website www.gotofail.com on their Apple devices, and the website will automatically check to see if the device is vulnerable. All Mac OSX systems 10.7 or higher are affected.

With regard to whether or not mobile apps are affected, Lamb said only built-in Apple applications might be at risk because they use the same SSL as other features of the device.

“Apps like the Apple Maps app, Safari and the iTunes Store would be of concern,” he said. “But in the case of other applications, they can use their own SSL and might not be affected.”

Regardless, Lamb said the best idea is to just update every Apple device with the patches released by Apple and to be on the look out for more updates to come.

“The best way to always keep your information safe is to constantly update your devices with the latest software updates,” he said.