Apple releases major security updates

Apple has released major security updates for OS X and iOS, which address a number of vulnerabilities and bugs.

OS X Server v4.1.5 is available for OS X Yosemite v10.10.5 and later editions, while iOS 8.4.1 is available for iPhones (from 4s onwards), fifth generation iPods and iPad 2 and its subsequent editions.

OS X Yosemite 10.10.5 and Security Update 2015-006 meanwhile, is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4, while Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.4.

Here are a selection of improvements (for a more comprehensive overview, please visit the respective pages above).

OS X Server v4.1.5

Bind

This update deals with a flaw that may allow an attacker to remotely carry out a denial-of-service attack (DoS). Accordingly, BIND was updated to version 9.9.7-P2.

iOS 8.4.1

They have been numerous issues in need of resolution with iOS, some of which are outlined here.

Cloud Kit

It was feasible for a malicious application to acquire “the iCloud user record of a previously signed in user”. Improved state handling has resolved this.

Safari

Researchers spotted a defect that meant a “hacked website” could, in effect, deliver an endless number of messages, tricking an individual into believing their browser was lockerd.

OS X Yosemite v10.10.5 and Security Update 2015-006

Bluetooth

Apple discovered an issue whereby a malicious app could enter a Bluetooth paired Mac’s – or iOS device – notification center through its notification center service. It was settled through removing access to this service.

Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8

WebKit

Improved cooking handling has fixed two issues that meant there was a chance of cookies being “leaked” during content security policy report requests.

In addition to these updates, we recommend all Mac users to install a security solution to keep their devices secure and protected.

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.