Skip to main content

New OS X & Safari updates patch security exploit that allowed remote infiltration

Avatar for Chance Miller  | Sep 1 2016 - 7:08 pm PT
0 Comments

Last week, Apple issued a surprise security fix for iOS that patched a vulnerability that allowed attackers to remotely gain control of a user’s device if they simply clicked a link. Now, Apple has issued the same security patch for users of OS X 10.11.6 El Capitan and 10.10.5 Yosemite.

The vulnerability has been named “Pegasus” and takes advantage of zero-day vulnerabilities to remotely jailbreak and install monitoring software on a user’s device, obviously without the user’s knowledge. Part of the exploit takes advantage of a memory corruption flaw in Safari WebKit that allows hackers to initiate the process of overtaking the operating system.

One of the nastiest aspects of this vulnerability is that it allows the attacker to intercept information from a variety of third-party apps and services, including Gmail, Facebook, Skype, WeChat, and more. These are, of course, in addition to first-party services like iMessage and FaceTime.

Last week, iOS 9.3.5 patched the same exploit. At the time, The New York Times described the exploit as an effort “to spy on dissidents and journalists.” Because the mobile and desktop versions of Safari share similar code, the exploit was essentially cross-platform.

Apple writes the following about the Safari 9.1.3 WebKit update on its support website:

WebKit

  • Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6
  • Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-4654: Citizen Lab and Lookout
For the El Capitan and Yosemite updates, Apple writes:

Kernel

  • Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  • Impact: An application may be able to disclose kernel memory
  • Description: A validation issue was addressed through improved input sanitization.
  • CVE-2016-4655: Citizen Lab and Lookout

Kernel

  • Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-4656: Citizen Lab and Lookout

Needless to say, this flaw shouldn’t be taken lightly and all OS X users should update immediately.

Add 9to5Mac to your Google News feed. 

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Mac on YouTube for more Apple news:

Comments

Guides

Mac

Mac

Apple’s Mac lineup consists of MacBook, MacBoo…

Author

Avatar for Chance Miller Chance Miller

Chance is an editor for the entire 9to5 network and covers the latest Apple news for 9to5Mac.

Tips, questions, typos to chance@9to5mac.com

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
Please wait...processing
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
Please wait...processing