To: IT Partners; Mac Partners
From: Andrew Munchbach
Subject: Apple Issues OS X Update to Address SSL Flaw
Apple has released a critical security updated for OS X Mavericks (10.9) and Mountain Lion (10.8) to address a flaw discovered in SSL/TLS. SSL (Secure Sockets Layer) is part of the TLS (Transport Layer Security) protocol and is used to encrypt sensitive information, often in a browser, as it traverses the Internet.
The flaw, as described by Apple, can provide "an attacker with a privileged network position [with the ability to] capture or modify data in sessions protected by SSL/TLS."
It is recommended that all OS X users update their machines as soon as possible.
Information on how to update your OS X machine can be found on Apple's website http://support.apple.com/kb/HT1338.
Those that need assistance updating OS X machine should contact their local IT support liaison or the IS&T Help Desk http://ist.mit.edu/help.
Network Security Analyst
Massachusetts Institute of Technology
IS&T | Operations & Infrastructure | Security Operations