What you REALLY need to know about that Apple security flaw

What you REALLY need to know about that Apple security flaw »Play Video

Apple released an update on Saturday for a security flaw experts are calling "critical," "major," and as "bad as you can imagine."

The flaw affects any Apple device connected to any public wireless network.

Computer security experts say a simple mistake in Apple's software could expose everything you send and receive when visiting any website.

"This is a very serious flaw," said Victor Luft, a computer programmer from Vancouver.

Luft says the mistake can be traced to eight letters buried deep inside Apple's software code that runs devices like iPhones and iPads.

The problem stems when you connect your iPhone, iPad or Apple device to a wireless network.

Apple's software uses a set of instructions to test whether the connection is secure and private, allowing you to send and receive information on websites like Facebook, Twitter, Gmail, online stores, banks, financial institutions, and many other websites you probably use all the time.

The set of instructions is called a handshake.

Luft says an Apple programmer accidentally duplicated a single line of code.

That line includes an eight-letter command, "goto fail," which appears twice.

"It's exactly as simple as that," said Luft. "It could be a mistake copying and pasting the same line twice."

A small mistake, perhaps, but it exposes millions of people to huge risks.

"The code will think it's still a secure connection. The iPhone and iPad will still think it's a secure connection. But it's actually an insecure connection," said Luft.

An insecure connection would allow anyone else connected to the same wireless network to intercept everything you send and receive on any website you visit.

What's more, there would be no way to detect the problem.

"Everything would still appear the same," said Luft.

It is unknown how Apple discovered the flaw or if hackers have exploited it.

You can update your iPhone by clicking on settings, then general, and then software update.