The California tech giant released its security update for the iOS 7 mobile operating system on Friday, saying that “an attacker with a privileged network position may capture or modify data” in a browsing session.
Security experts pointed out over the weekend that the same problem could affect people using Mac desktop or notebook computers.
An Apple spokesman told AFP, when asked about the Mac OS vulnerability, “We are aware of this issue and already have a software fix that will be released very soon.”
Security researcher Graham Cluley said it was “really important that you update your iPhones and iPads as quickly as possible.”
Cluley said Apple’s iOS update fixed “a critical vulnerability that could allow hackers to intercept what should have been secure communications between your iPhone and SSL-protected websites. That means, potentially, online attackers could grab your user ID or passwords as you attempted to log into popular websites.”
The first report of the flaw came from the security firm Crowdstrike in a blog post on Friday.
While Apple is working a fix for the Mac OS, some experts say users of the computers should exercise caution.
“In the meantime be careful where you browse with your OS X-based machines,” said Rick Wanner at the Sans Internet Storm Center.
Paul Ducklin at the British security firm Sophos said Apple is being more open than in the past on security.
“The good news is that Apple has broken its usual code of silence,” he said in a blog post.
“Sadly, (Apple) didn’t define ‘very soon,’ but you should watch for this patch and apply it as soon as you can.”