Apple releases Security Updates for El Capitan, Yosemite and Safari

Susie Ochs
2 September, 2016
View more articles fromthe author
AAA
News

You probably remember that last week, Apple urged all iOS 9 users to update their devices to iOS 9.3.5, which contained an essential security fix. (If you haven’t done that, go do it now!)

On Thursday, Apple provided another set of security updates, this time for the Mac. Security Update 2006-001 for El Capitan, and Security Update 2006-005 for Yosemite are rolling out now, so keep an eye on the Mac App Store and update as soon as you can. Also available is Safari 9.1.3, which is for El Capitan, Yosemite and OS X 10.9.5 Mavericks.

Glenn Fleishman explains the three separate zero-day exploits patched in iOS 9.3.5, which are very targeted, but could allow full access to a compromised device. The flaws were reported by Citizen Lab and Lookout Security, and those names pop up again in today’s security updates for the Mac.

The exploits require the user to open a URL from an SMS message, which then executes remote binary files in the OS that dig into the kernel and allow unauthorised software to be installed – in iOS this effectively jailbreaks your device behind your back.

According to Apple’s release notes, the Mac security updates released today will prevent applications from disclosing kernel memory and executing arbitrary code with kernel privileges. Safari’s patch fixes a memory corruption issue that would allow a malicious website to execute arbitrary code in the first place, namely the malware that’s trying to get into your kernel.

In other words, you need these patches. So go get ’em.

One Comment

One person was compelled to have their say. We encourage you to do the same..

  1. Tom Hallam says:

    I think you’re missing a 1 from your update identifier. Otherwise this info is 10 years out of date and is for Mac OS X 10.4.5 (Intel) https://support.apple.com/kb/DL394?locale=en_US

Leave a Comment

Please keep your comments friendly on the topic.

Contact us