Security experts have advised companies to ban employees using Mac laptops to connect to public Wi-Fi networks, including those at the RSA Conference this week, until Apple releases a patch for a serious vulnerability that can be easily exploited in a man-in-the-middle attack.
A coding error in the authentication logic in Mac OS X 10.9.1, the latest version, makes it possible for an attacker to bypass the SSL/TLS verification routines upon the initial connection handshake between the client and a remote server. SSL/TLS are cryptographic protocols used in securing communications over the Internet.
By circumventing the verification process, an attacker on a public network could masquerade as the destination, such as a webmail provider, and intercept encrypted traffic, according to security firm CrowdStrike. The attacker could also modify data in flight to deliver exploits capable of taking control of a Mac.
"The recommendation that we've certainly told both our employees and our customers is to not connect to any untrusted network until a patch is available from Apple," Dmitri Alperovitch, chief technology officer for CrowdStrike, said. "The situation is pretty dangerous."
Apple said in an emailed statement Monday, "We are aware of this issue and already have a software fix that will be released very soon."
In the meantime, examples of networks Mac users should avoid include those in hotels, airplanes, Starbucks and the RSA Conference, a major security event going on in San Francisco.
"None of them are safe," Alperovitch said.
Researcher Adam Langley also confirmed the vulnerability and posted a more technical explanation.
The flaw affects any application on the Mac that uses SSL/TLS, including Safari, messaging apps and even Apple's software update. Browsers Chrome and Firefox are not affected because they use NSS, which is a different set of cryptographic libraries for client and server communications.
Brent Bandelgar, associate security consultant at Neohapsis, said the bug was not in the previous version of Mac OS X, 10.8.5.
Holdouts still on the previous OS X release, Mountain Lion, are safe," he said in an email.
A man-in-the-middle attack is a form of active eavesdropping in which a hacker makes an independent connection between a client and its destination server. The hacker relays messages between them, making them believe they are talking to each other over a private connection. In fact, the attacker is controlling the entire conversation.
With the Apple flaw, the attacker would have to be on the same public network. Once there, the exploit would not be difficult, Alperovitch said.
"Essentially, anyone on the public network can do a man-in-the-middle attack fairly easy and spoof SSL Web servers," he said.
The same flaw is in the latest version of iOS, Apple's operating system for the iPhone and iPad. The company released a patch for the vulnerability over the weekend.