Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Security Update 2015-008 (Mavericks) and 2015-006 (Yosemite)

Apple has issued Security Update 2015-008 for OS X 10.9 Mavericks and Security Update 2015-006 for 10.10 Yosemite with some patches specific to these older releases sprinkled in amongst the security fixes that appear in the concurrently released OS X 10.11.2 El Capitan (see “OS X 10.11.2 Focuses on Improving Reliability and Security,” 8 December 2015). Initially, Apple had released Security Update 2015-005 for Yosemite, but it replaced that download with the new Security Update 2015-006 without comment, other than to note that the new update includes all the security patches from the previous one. Make sure to get the latest version, regardless.

In particular, the two security updates address multiple memory corruption issues in ImageIO, OpenGL, CoreGraphics, and CoreMedia Playback, as well as a memory corruption issue related to the handling of iWork files — all of which could lead to arbitrary code execution. Additionally, the updates fix an issue that existed in the validation of access control lists for keychain items, which could grant a malicious application access to a user’s keychain items. The security updates are available via Software Update or via direct download from Apple’s Support Downloads Web site. (Free. For 10.9.5 Mavericks, 288.3 MB; for 10.10.5 Yosemite, 369 MB)

 

Make friends and influence people by sponsoring TidBITS!
Put your company and products in front of tens of thousands of
savvy, committed Apple users who actually buy stuff.
More information: <http://tidbits.com/advertising.html>
 

Comments about Security Update 2015-008 (Mavericks) and 2015-006 (Yosemite)
(Comments are closed.)

Billy Y  2015-12-11 21:10
Anybody know what happened to Security Update 2015-005 for 10.10.5 Yosemite? The download button on the link provided by Apple is 404ing...
Billy Y  2015-12-13 02:30
Now it's named 2015-006 (not -005) and the download link is working. Heh...
Adam Engst  An apple icon for a TidBITS Staffer 2015-12-14 18:12
Thanks - no idea why Apple renamed it underneath us.