Apple Releases Patches for iOS, OS X and Safari

January 20, 2016

Apple on Tuesday released security patches for iOS, OS X and an update for the Safari browser.

The patches come less than a week after a ShmooCon presentation by Synack director of research Patrick Wardle revealed that Apple’s Gatekeeper security feature in OS X can be bypassed by an attacker with network-level access.

The OS X update, El Capitan 10.11.3, patches nine vulnerabilities flaws including memory corruption issues in the OS X kernel, Apple Graphics Power Management, Disk Images, IOAccelerator Family, IOHIDFamily, and IOKit that enable attackers on the local network to execute arbitrary code with local privileges.

Apple also patched a type confusion issue in libxslt that can be executed in a web-based attack leading to code execution; the flaw affects Mavericks, Yosemite and current versions of El Capitan.

Read full story…