Apple and the ‘goto fail’ Bug

Late last week, Apple delivered iOS 7.0.6 and iOS 6.1.6 to address the “goto fail” bug in iOS and Apple TV OS 6.0.2 as well. This week it released OS X 10.9.2, Security Update 2014-001 for OS X 10.7 and newer, Safari 6.1.2 and 7.0.2 so everyone running OS X 10.7 Lion and newer will be safe.

gotofail.com

That begs the question: What about older versions of OS X?

If you’ve read the headlines on Computerworld, Slashdot, and Cult of Mac, you may believe that because Apple didn’t release a patch for OS X 10.6 Snow Leopard, it’s insecure. Nothing could be further from the truth.

Safe Versions

There’s an easy way to find out if you Mac and browser are safe or endangered. Point your browser to https://gotofail.com/ and see what message you get. Testing with OS X 10.6 and Safari, Chrome, Firefox, Opera, and Camino browsers, I learned that Snow Leopard is safe. The “goto fail” bug arrived with OS X 10.7 Lion.

Others on the Low End Mac Facebook page took it upon themselves to test their own setup. Troy Haliwell tested OS X 10.5.8 Leopard with Safari 5.0.6 and TenFourFox 24.3.0 and reports they are safe. Theodore Waddell is running OS X 10.4.11 Tiger and notes that Safari, TenFourFox, and Sunrise all pass. And on the iOS side, David James says that iOS 5.1.1 is also safe.

Endangered Versions

If you are running iOS 6.0 through 6.1.5 or 7.0 through 7.0.5, you should update immediately. Go to
Settings > General > Software Update, and if your iDevice has enough free space, you can install the update directly. If not, you’ll want to use iTunes to perform the update, and you may still need to clear some space, but probably not as much as doing the update within iOS.

If you are using OS X 10.7 Lion or 10.8 Mountain Lion, be sure to get the security update and newest version of Safari. If you have OS X 10.9 Mavericks, get version 10.9.2 and the security update and the latest Safari.

Keyword: #gotofail

Short link: http://goo.gl/0DFUFt

searchword: gotofail

This site uses Akismet to reduce spam. Learn how your comment data is processed.