Apple patches major security bug on Apple TV via 6.0.2 update

by Roshan • February 23, 2014 February 24, 2014 in Popular

This Friday, Apple revealed a major security glitch in Apple’s iOS devices, relatated to SSL implementation. Later analysts looked into it only to find that OS X and Apple TV are also affected and that it is an easily exploitable yet a seriously injurious one.

I’m not going to talk details about the Apple bug except to say the following. It is seriously exploitable and not yet under control.
— Matthew Green (@matthew_d_green) February 21, 2014

The bug seems to result in failed validation of SSL certification of sites. And for users that would mean, many data which are supposed to be secure are being transferred un-encrypted. Though domain access seems to be protected, direct SSL connections to IP addresses was found to be exploitable. So a hacker’s access to data used through Safari is unlikely, but to that through apps is possible as most of them communicates directly with their servers. And that is why Apple TV apps can also be affected.

Apple describes the vulnerability as follows:

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

You can read more on the bug here.

But no worries, Apple is quick to seal the bleed and released new software updates for the affected devices. 7.0.6 for iOS devices, 6.1.6 for older iOS devices and 6.0.2 for Apple TV 2 and 3 are now available. You can goto Settings > General > Software update to check for and install the new firmware.

However OS X bug is still unrepaired, during the time of writing. You can quickly browse to gotofail.com to find out if any of your device is vulnerable. If yes, I recommend you guys to update immediately. Else any hacker could pose as a secure site and pull you data.

Now, though things have settled a bit for users, they are far from over for Apple. It is still uncertain as to when the bug was introduced (surely before iOS 6) and whether anybody has already been victim to unauthorized access. Many developers have explained on their blogs as to how the bug works and how it could be exploited and this could pose a great threat to those who haven’t patched it yet.

On the other hand, some are accusing this to be an intentional backdoor for NSA access while others are wondering if there are more such simple, unnoticed security breach roads. Only time will tell if Apple will shine above these dark clouds or get buried in lawsuits.

Be sure to follow Apple TV Hacks on Facebook, Twitter and Google+ for all the latest Apple TV-related news.

Tagged in: 6.0.2 / apple / Apple TV 2 / apple tv 3 / apple tv update / atv / bug / hack / ios 7 / patch / security / software update / ssl / update / vulnerability

Roshan

All Roshan's Posts

From the first iPod Touch till the new iPhone 6 Plus, Roshan has loved each of his iDevices and has been busy tweaking and getting the most out of them. As a Med student from India, he splits his time between studying diseases and writing about his iOS passion. When not on the web, you could find him glued to TV Shows, movies or the bed! You can find more of his writings on his personal blog.

Comments

Be The First to Comment

Apple patches major security bug on Apple TV via 6.0.2 update

Roshan

Comments

Related Reads

ecobee3 HomeKit-enabled thermostat now available, Google’s Nest kicked from the Apple Store

$100 Bounty on Apple TV Harddrive Upgrade

Black Friday: best deals on skins/stickers for Apple TV (1st, 2nd, 3rd and 4th gen.)

What to Watch This Weekend on Netflix, Hulu Plus and iTunes with Your Apple TV (Jan. 24 – 26)

AT&T DirecTV Now Subscribers Will Get Free Apple TV

Connect With Us