Apple patches OS X against FREAK flaw

Mountain Lion, Mavericks and Yosemite get fix.

Apple has issued a large set of security updates for its OS X desktop and laptop operating system, including a fix for the FREAK Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol bug.

The company today said it had addressed the bug - which allowed attackers to break encryption by forcing servers to downgrade to weak cipher keys - by removing support for ephemeral RSA keys.

It said FREAK only affected connections to servers which support export-strength RSA cipher suites.

FREAK arose in the late 1990s when a former US government policy banned the export of strong encryption, requiring weaker "export-grade" products to be shipped to customers outside of the US.

The weaker keys continued to be used by software companies after the policy was canned, and this was only noticed this year by a group of cryptographers at INRIA, Microsoft Research and IMDEA.

In its Security Update 2015-002 today, Apple said its fix was available for three versions of OS X: Mountain Lion 10.8.5, Mavericks 10.9.5 and the latest Yosemite 10.10.2.

Apple also pushed several other security updates, including three flaws in low-level operating system components that could be used to execute arbitrary code with system privileges.

The company also patched the iCloud Keychain authentication utility against attackers who, if they obtain a privileged man-in-the-middle network position, could use buffer overflows in the tool to run arbitrary code on victims' systems.

A memory address space layout randomisation bug that leaked the location of kernel addresses and heap permutation values has also been fixed.

This flaw was discovered by the Chinese TaIG team, which makes so-called jailbreaks for Apple's iOS mobile operating system. The vulnerability allows users to obtain administrator rights or root privileges on their device, in order to install software from sources other than Apple's App Store.
