The OS X Apps Affected by Apple's Unpatched Security Flaw

While Apple recently patched a major security flaw for iOS, the same vulnerability continues to affect OS X. Until Apple releases a fix—which it says will come "very soon"—here are some of the apps you should avoid using on public Wi-Fi.

Update, 2/25/14: Apple just released OS X 10.9.2, which patches the security flaw described below. Go download it from the App Store right now, preferably over a secure network.

The list comes from independent researcher Ashkan Soltani, who has been at the front of this issue since it first broke late last week. You can read more about the security flaw here, but the short version is that using these apps on OS X in a shared network—in a coffee shop or airport, for instance—leaves you susceptible to a "man in the middle" attack, in which bad guys can eavesdrop on whatever information you are relaying to and from the servers of the sites you're visiting.

In addition to Safari, according to Soltani's findings, you should avoid using the following on a shared network:

  • Calendar
  • Facetime
  • Keynote
  • Twitter
  • Mail
  • iBooks
  • Software Update

That's not to say this is a complete list; it's just what he's dug up so far. We'll continue to update as necessary, or at least until Apple releases its OS X fix. Again, you're fine using these on your secure network at home. Just maybe don't send any sensitive information through them the next time you bring your MacBook to a Starbucks. [Ashkan Soltani]