Apple releases key security updates
Apple recently released the latest round of security updates for all of its operating systems and key software programs. The updates all hit the web on July 18th and are officially available for download as we speak. Here’s a brief rundown of each update, what it includes, and why you should make a point to install it ASAP.
OS X El Capitan v10.11.6 and Security Update 2016-004: Apple’s rundown of security fixes for El Capitan should be more or less familiar to anyone who has ever read the notes on one of the company’s OS X security updates. Of course, the actual fixes are different, but the problems they are there to solve—arbitrary code execution, denials of service, local network attacks, elevation of user privileges, etc.—are similar to the problems that have inspired OS X security updates in the past. The v10.11.6 update fixes a FaceTime issue that made it possible for audio transmission to continue after a call had been terminated. It also prevents “maliciously crafted audio files” from disclosing user information.
Note: Security Update 2016-004 is also available for older versions of Mac OS X, including Mavericks and Yosemite.
iOS 9.3.3: Recent security issues with iOS include a vulnerability that allowed hackers to restart devices remotely by sending malicious Calendar invites. The same FaceTime audio transmission bug that affected OS X was also present on iOS, as were various arbitrary code execution vulnerabilities and the like. The iOS 9.3.3 update patches all of these security concerns and more.
watchOS 2.2.2: Unlike OS X and iOS, the Apple Watch operating system had no glaring problems with specific programs or applications. Instead, the bugs here were in vital operating system components like Kernel or CoreGraphics. The fixes will defend the OS against denial of service, code execution, disclosure of user information, and more.
tvOS 9.2.2: Only compatible with the fourth generation Apple TV, the tvOS 9.2.2 update fixes numerous WebKit bugs, which would have allowed hackers to attack an Apple TV and execute code via malicious web content. Other issues were similar to the problems patched for watchOS.
Safari 9.1.2: All of the security fixes for Safari involve the WebKit. Apple’s proprietary web browser had numerous vulnerabilities where hackers could use malicious websites to attack Safari users. Hackers could then use these malicious sites to execute arbitrary code, launch denial of service attacks, or compromise your computer’s file system and the user information inside.
iTunes 12.4.2: This latest security update for iTunes patches a vulnerability that would have allowed hackers to access user information by having iTunes process a malicious XML document (such as a playlist file). The update also fixes several memory corruption problems that existed in the previous version of iTunes 12. This update is only applicable for iTunes users who are running the program on a Windows machine.
To read more about Apple’s various new security updates, click here.