Partners: Security Should Be Priority In Apple iOS, OS X Upgrades

Apple Wednesday released performance upgrades and bug fixes for its iOS and OS X software across iPhones, Macs and iPads.

Partners stressed the significance of fixing bugs on Macs and iPhones through the upgrades, saying security is especially important for the enterprise.

"For enterprise customers, security is the number one thing, especially with financial clients … they need that extra layer of security," said Steven Kantorowitz, president of CelPro Associates, an Apple partner based in New York.

[Related: Apple iPhone 6s, 6s Plus Production Cuts: Investors Panic, Channel Shrugs]

id
unit-1659132512259
type
Sponsored post

The new OS X 10.11.13 upgrade for Macs fixes an array of security holes, including one important fix for a bug that could let attackers steal iPhone cookies and impersonate victims.

This bug comes from an embedded browser that pops up when users connect to a public Wi-Fi network, enabling attackers to steal cookies associated with a site and carry out session fixation attacks, meaning that they can log the user into an account controlled by the attacker.

The bug was discovered in 2013 by Israeli mobile security firm Skycure but wasn't fixed until this past upgrade. iOS 9.2.1 contains similar security fixes.

"It's pretty important to keep up with security. … Apple has been really good about security but, in general, customers are realizing that the Mac is not some sort of magic formula for security," said Michael Oh, chief technology officer and founder of TSP, a Boston-based Apple partner. "A lot of today's security issues come through email, clicking on links and phishing. … There's a more general awareness that these problems have more to do with user behavior, not technology."

One bug that was not fixed in the latest upgrade was the battery meter bug. The battery meter bug shows up when users change the time on their phone manually or move to a different time zone. This bug causes the phone to shut down despite displaying a full battery. Partners said that the bug has been a pain point with their customers.

"The battery meter bug should be a top priority; people don't want to keep downloading updates. … It’s a little disillusioning that Apple wouldn't fix this," said Kantorowitz.

The upgrade for iOS also includes a fix for multiple memory corruption flaws and a fix for an issue that could prevent the completion of app installation when the user is on a mobile device management server.