Apple Patches 2 Critical Security Flaws in OS X Yosemite and El Capitan

1 minute read
| Product News

Apple released separate security updates for OS X Yosemite and OS X El Capitan on Thursday. Both updates patch the same two critical security flaws. One flaw potentially exposed kernel memory, and the other allowed a maliciously crafted app to take over your system.

bug-browser-window

The update for Yosemite is: Security Update 2016-005 (10.10.5) – (468MB Download)

The update for El Capitan is: Security Update 2016-001 (10.11.6) – (414.9MB Download)

The patch notes for both say simply that the update, “is recommended for all users and improves the security of OS X.”

Nuts and Bolts

Apple’s security update site, though, specifies the following for both updates:

Kernel

  • Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  • Impact: An application may be able to disclose kernel memory
  • Description: A validation issue was addressed through improved input sanitization.
  • CVE-2016-4655: Citizen Lab and Lookout

Kernel

  • Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-4656: Citizen Lab and Lookout

The download sizes above are for the standalone updates available through Apple’s support site. You can also download the update for your OS through the Mac App Store.

1
Leave a Reply

Please Login to comment
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
BobStacy Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
BobStacy
Member
BobStacy

Great. Thanks for the heads up!