Date: Friday, September 2nd, 2016, 05:55
Category: News, security, Software
Because security updates are a good thing.
On Thursday, Apple released Security Update 2016-001 for users of OS X 10.10 Yosemite and OS X 10.11 El Capitan. The fix covers assorted zero-day exploits that could allow full access to a device and updates Safari to version 9.3.5 to patch security holes in the browser as well.
The exploits require the user to open a URL from an SMS message, which then executes remote binary files in the OS that dig into the kernel and allow unauthorized software to be installed—in iOS this effectively jailbreaks your device behind your back.
Apple’s release notes state that the Mac security updates released today will prevent applications from disclosing kernel memory and executing arbitrary code with kernel privileges. Safari’s patch fixes a memory corruption issue that would allow a malicious website to execute arbitrary code in the first place, namely the malware that’s trying to get into your kernel.