Grab your iOS and OS X devices — this is a security update you can’t afford to ignore.
According to a study by Chitika released yesterday, only 25.9% of users have updated their operating system with a bug fix that prevents third parties from intercepting and fiddling with activity on an iOS device.
More specifically, without the update, the system does not check SSL/TLS hostnames, so connections that should be encrypted are left wide open.
The same security hole is also apparent in systems running OS X Mavericks.
iOS devices (all iPhone, iPad, and iPod Touch devices)
By now, a pop-up notification should have appeared on your phone, alerting you to update the system. But, if you ignored it, or never received it, here’s how to find it:
Go to Settings > General > Software Update. Those running iOS 7 will see the 7.0.6 update, while those running iOS 6 on older devices (including the iPhone 3GS and the 4th-gen iPod Touch) will see the iOS 6.1.6 update. Tap “Install Now” to get the update.
Once you’ve updated, the Software Update screen will indicate that “Your software is up to date.”
Mac OS X Mavericks
iOS wasn’t the only system affected by this security hole. Apple also released an OS X Mavericks system update Tuesday that patches the same hole that allows “an attacker” to “capture or modify data” transferred with Safari, Mail, iCloud and other Apple-created applications, according to Apple.
On Mavericks, system updates are conducted through the Mac App Store, but you won’t find the system update by launching it. Instead, open the Mac menu (the Apple logo), and click “Software Update.”
The Mac App Store will launch, and you’ll see the system update, along with other app updates. Choose to update the Software Updates, or click “Update All” to install all listed updates, including apps.