In case you missed it, Apple released an update for iOS 7 on Friday. The update was released to fix a huge security hole in how the mobile OS handles SSL communications. In effect, any communications made using iOS-based devices could be consumed entirely by hackers. Based on various reports over the past couple years, we've heard that Android represents the largest security threat to mobile users, so it's concerning to hear that Apple may have trumped Android with this latest vulnerability announcement.
Reports today suggest that the vulnerability may have been present since iOS 6 and that the NSA actually knew about it and kept mum, hoping the open hole would remain so they could continue to exploit it and get access to private communications. Apple's security fix on Friday may not be the end of it, though. A FireEye blog on Sunday suggests that iOS 7 may be vulnerable to a keylogging vulnerability. More on that as the news expands.
However, today, Apple has released a new patch for users running OS X Mavericks. This new patch includes a multitude of security fixes, but also includes a fix for an issue very similar to the iOS 7 flaw fixed on Friday. And, while today's update is targeted solely for OS X Mavericks, Apple is preparing to release a patch for other affected versions of OS X shortly.
The vulnerability now affecting both iOS and OS X, has been in place since October 2013.
To get the update open the App Store, navigate to the Updates tab.
Apple has posted a "what's in it" page on their web site: About the OS X Mavericks v10.9.2 Update