Apple has released a security update for Mac OS X Yosemite that fixes two vulnerabilities in the operating system, which could allow an attacker at worst arbitrary code with system privileges on the computer. The first problem was in the iCloud Keychain and occurred in the processing of data during the recover of the iCloud Keychain.
An attacker with a "privileged" network position could then execute arbitrary code via several buffer overflows. The second leak that Apple has solved ensured that could run malicious app code with system privileges. Security Update 2015-003 for Mac OS X 10.10.2 Yosemite also includes the contents of Security Update 2015-002 . The updates can be downloaded via the Mac App Store and Apple's download site .
No comments:
Post a Comment