Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Think you're all done patching? Not if you have any Apple gear

OS X, iOS, Safari, pretty much everything anyone still buys has been patched

Apple has joined the likes of Microsoft and Adobe in releasing patches for dozens of security holes in its products.

The Cupertino design studio has posted updates for nearly all of its product lines, fixing security holes in iOS, OS X, watchOS, tvOS, Safari, and Xcode.

For OS X users, the update is packaged as El Capitan 10.11.2 or Security Update 2015-008 for Yosemite and Mavericks. It addresses 54 CVE-listed security flaws in the Apple desktop OS, including remote code execution vulnerabilities in the OS X Kernel, CoreGraphics, and OpenGL.

Though Apple said that it recommends all OS X users install the update, it cautioned that the fix will also disable QuickTime 7, and anyone who needs to use the plug-in to view content will need to manually enable it in Safari.

Speaking of Safari, Apple has posted a separate update to fix 12 flaws in the browser's WebKit engine, including vulnerabilities that can be targeted for remote code execution attacks. Users should update to Safari 9.0.2 to get the fixes.

Also among the updates is iOS 9.2. It will patch 50 CVE-listed flaws in iOS, including 11 flaws for the WebKit engine. Users can obtain the update through iTunes or the Software Update tool in the iOS settings app.

In addition to the security fixes, iOS 9.2 will add new features for Apple Music, News, and Mail.

For Apple Watch owners, there is watchOS 2.1, which includes patches for 30 CVE-listed issues. Among the patched flaws are vulnerabilities that could allow for remote code execution, denial of service, and elevation of privilege attacks.

Those owning the new fourth-generation AppleTV will be asked to install the tvOS 9.1 update. The fix addresses 48 CVE-listed holes in the set-top box, including many of the WebKit and Kernel flaws patched in the other Apple Updates.

Finally, Apple has posted an update for its Xcode developer tools, addressing flaws in the Git, IDE SCM, and otools components. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like