Apple Security Update

Critical Apple Security Fix: Network time protocol fix for OS X users

Apple have just released a new security update that addresses a “critical security issue” concerning the Network Time Protocol service on OS X. It is recommended that all users of Yosemite, Mavericks, and Mountain Lion install the update immediately.

Official Blurb:

Google Security Team researchers Neel Mehta and Stephen Roettger have coordinated multiple vulnerabilities with CERT/CC concerning the Network Time Protocol (NTP). As NTP is widely used within operational Industrial Control Systems deployments, NCCIC/ICS-CERT is providing this information for US Critical Infrastructure asset owners and operators for awareness and to identify mitigations for affected devices. ICS-CERT may release updates as additional information becomes available.

These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available.

Products using NTP service prior to NTP–4.2.8 are affected. No specific vendor is specified because this is an open source protocol.

The security update can be downloaded from the Mac App Store.




Leave a Reply

Your email address will not be published. Required fields are marked *