Apple has released a supplemental security update to OS X El Capitan, the version prior to macOS Sierra. The update weighs in at 623.9MB and can be found in the Mac App Store on compatible machines.
Apple has released a new security update for OS X Yosemite, and a separate version of the update for Macs released in early 2015, including the new 13″ MacBook Pro with Force Touch trackpads and the upcoming MacBook.
The update is available for users running OS X 10.10.2 in the Updates tab of the Mac App Store, or as a standalone installer at the links above. Users on the public beta of OS X 10.10.3 apparently do not need the update, since the newer operating system likely already includes fixes for the problems addressed by this release.
Apple has not yet released the update notes to explain what has been fixed.
iPhoto has also been updated to improve compatibility with the upcoming Photos app that replaces it:
Expand
Expanding
Close
Apple has pushed security updates to both iOS and OS X, ending their vulnerability to the FREAK exploit which allowed hackers access to personal data during encrypted sessions on a number of major websites. Android and Windows devices were also vulnerable.
At the time the exploit was discovered, affected websites included American Express, Airtel, Bloomberg, Business Insider, Groupon, Marriott and, ironically, the FBI, NSA and White House sites. Hackers could force the sites to use a less-secure form of encryption that could be relatively easily cracked. Apple’s fix prevents iOS and OS X from using the lower level of encryption even if the site requests it.
The fix is included in iOS 8.2, released yesterday. iOS 8.2 added support for the Apple Watch, improved the Health app and fixed a number of bugs, including an SMS reboot. It was also rolled into today’s Apple TV 7.1 update. The OS X fix is available as a standalone software update. From the Apple menu, select App Store then the Updates tab; a restart is required.
Apple today released an OS X NTP Security Update for Mac users running 10.10 Yosemite, 10.9 Mavericks, and 10.8 Mountain Lion. The update is recommended for all users and fixes a “critical security issue with the software that provides the Network Time Protocol service for OS X,” according to Apple. Check the Updates tab of the Mac App Store to grab the security update. More details regarding the security update for OS X are able through this support document.
Alongside the release of iOS 7.1.1 for iPhone, iPad, and iPod touch, Apple has released a security update for OS X.
Security Update 2014-002 is recommended for all users and improves the security of OS X. This update also includes Safari 7.0.3.
While the update does not seem as severe as the previous security update containing a major SSL fix, it is recommended that all users update to the most recent version of OS X. The security update also includes a minor update to Safari.
This update:
Fixes an issue that could cause the search and address field to load a webpage or send a search term before the return key is pressed
Improves credit card autofill compatibility with websites
Fixes an issue that could block receipt of push notifications from websites
Adds a preference to turn off push notification prompts from websites
Adds support for webpages with generic top-level domains
Strengthens Safari sandboxing
Fixes security issues, including several identified in recent security competitions
The update is available now on the Mac App Store. You can read more about the security update here and Safari 7.0.3 here.
Adobe released a critical security update to its Flash Player plug-in (version 12.0.0.44) on Tuesday that addresses an exploit that put machines at risk of being remotely accessed by attackers. You can grab the latest version of Flash Player here (OS X and Windows) or check for updates in the System Preferences app… or you could remove Flash altogether with Adobe’s uninstaller.
Apple has just posted Security Update 2013-002 for OS X 10.7.5 and 10.8.x. The Apple Security Updates knowledge base page hasn’t been updated with details regarding the update, but it’s recommended for all users to download and install through Software Update or apple.com.
