Skip to main content

security update

See All Stories
Site default logo image

Apple releases security update for Yosemite 10.10.2, iPhoto update to improve transition to Photos

Apple has released a new security update for OS X Yosemite, and a separate version of the update for Macs released in early 2015, including the new 13″ MacBook Pro with Force Touch trackpads and the upcoming MacBook.

The update is available for users running OS X 10.10.2 in the Updates tab of the Mac App Store, or as a standalone installer at the links above. Users on the public beta of OS X 10.10.3 apparently do not need the update, since the newer operating system likely already includes fixes for the problems addressed by this release.

Apple has not yet released the update notes to explain what has been fixed.

iPhoto has also been updated to improve compatibility with the upcoming Photos app that replaces it:
Expand
Expanding
Close

Site default logo image

Apple pushes security updates to iOS and OS X, ending FREAK vulnerability

Apple has pushed security updates to both iOS and OS X, ending their vulnerability to the FREAK exploit which allowed hackers access to personal data during encrypted sessions on a number of major websites. Android and Windows devices were also vulnerable.

At the time the exploit was discovered, affected websites included American Express, Airtel, Bloomberg, Business Insider, Groupon, Marriott and, ironically, the FBI, NSA and White House sites. Hackers could force the sites to use a less-secure form of encryption that could be relatively easily cracked. Apple’s fix prevents iOS and OS X from using the lower level of encryption even if the site requests it.

The fix is included in iOS 8.2, released yesterday. iOS 8.2 added support for the Apple Watch, improved the Health app and fixed a number of bugs, including an SMS reboot. It was also rolled into today’s Apple TV 7.1 update. The OS X fix is available as a standalone software update. From the Apple menu, select App Store then the Updates tab; a restart is required.

Site default logo image

Apple releases critical NTP Security Update for OS X Yosemite, Mavericks, & Mountain Lion

Apple today released an OS X NTP Security Update for Mac users running 10.10 Yosemite, 10.9 Mavericks, and 10.8 Mountain Lion. The update is recommended for all users and fixes a “critical security issue with the software that provides the Network Time Protocol service for OS X,” according to Apple. Check the Updates tab of the Mac App Store to grab the security update. More details regarding the security update for OS X are able through this support document.

Site default logo image

Apple pushes OS X security update, Safari 7.0.3

Alongside the release of iOS 7.1.1 for iPhone, iPad, and iPod touch, Apple has released a security update for OS X.

Security Update 2014-002 is recommended for all users and improves the security of OS X. This update also includes Safari 7.0.3.

While the update does not seem as severe as the previous security update containing a major SSL fix, it is recommended that all users update to the most recent version of OS X. The security update also includes a minor update to Safari.

This update:
Fixes an issue that could cause the search and address field to load a webpage or send a search term before the return key is pressed
Improves credit card autofill compatibility with websites
Fixes an issue that could block receipt of push notifications from websites
Adds a preference to turn off push notification prompts from websites
Adds support for webpages with generic top-level domains
Strengthens Safari sandboxing
Fixes security issues, including several identified in recent security competitions

The update is available now on the Mac App Store. You can read more about the security update here and Safari 7.0.3 here.

Site default logo image

Adobe releases critical security update for Flash exploit

Adobe released a critical security update to its Flash Player plug-in (version 12.0.0.44) on Tuesday that addresses an exploit that put machines at risk of being remotely accessed by attackers. You can grab the latest version of Flash Player here (OS X and Windows) or check for updates in the System Preferences app… or you could remove Flash altogether with Adobe’s uninstaller.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications