Apple Fixes Logjam Security Flaw in iOS 8.4

Apple released Mac OS X Yosemite 10.10.4 and iOS 8.4 on Tuesday in tandem with the launch of their much anticipated Apple Music streaming service.  Whether or not you’re eager to try Apple Music you will want to grab the latest Mac and iOS releases since they contain several security fixes including the logjam flaw.  Apple makes sure not to disclose security issues until a fix is released.  Now that Mac OS X 10.10 4 and iOS 8.4 are available the security flaws in the previous versions are readily available.  That means you should update to the latest version as soon as possible.

Apple

Apple Mac OS X and iOS are closed operating systems.  That has it’s advantages and disadvantages.  When it comes to security, having a closed system has helped Apple protect it’s customers.  Not that their aren’t security flaws but Apple has done a pretty good job of addressing them and keeping the information private until a fix is available.  Customers can easily upgrade to Mac OS X Yosemite 10.10.4 and iOS 8.4 anytime.

Security Fixes in iOS 8.4

According to the iOS 8.4 security content update page the new mobile OS will fix several security issues.  The iOS 8.4 release contains security fixes to stop remote code execution attacks and man-in-the-middle attacks.  Perhaps the biggest security update for iPhone and iPad users is a fix for the Logjam flaw.  An attacker was able to intercept SSL/TLS connections.  The flaw left users open to man-in-the-middle attacks.  Apple fixed the security hole in iOS 8.4.  They describe the issue in more detail:

coreTLS accepted short ephemeral Diffie-Hellman (DH) keys, as used in export-strength ephemeral DH cipher suites. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported an export-strength ephemeral DH cipher suite. The issue was addressed by increasing the default minimum size allowed for DH ephemeral keys to 768 bits.

Security Fixes in Mac OS X Yosemite 10.10.4

According to the Apple Mas OS X Yosemite v10.10.4 update page the new version will improve network reliability, fixes an issue that could cause delays in outgoing mail messages, and fixes an issue that could stop users from moving away from a website by presenting repetitive Javascript alerts.  Those are just a few of the fixes in Mac OS X 10.10.4.  On the security side Apple patched some security holes including remote code execution flaws and other holes that could leave users open to attack.

As you can see there are plenty of reasons to upgrade to the latest Mac OS X Yosemite 10.10.4 and iOS 8.4 releases.  Mobile users can upgrade to iOS 8.4 by going to “Settings”, then “General” and finally “Software Update” to check for the new version.  You will need to be on wifi to download iOS 8.4 which is 1.2 GB in size.  Mac users can download the latest Yosemite release through the app store.  Mac OS X 10.10.4 may take a little time to pull down since the file size is 5.67 GB.  You may also consider a VPN to help protect your privacy.  The top services have custom apps for both Mac and iOS.