Security Update 2017-001 (Yosemite and El Capitan)
Apple has released Security Update 2017-001 for OS X 10.10 Yosemite and 10.11 El Capitan, bringing a few select patches from the macOS 10.12.4 Sierra release to the two older operating systems (see “Apple Releases macOS 10.12.4, watchOS 3.2, and tvOS 10.2,” 27 March 2017). The security update addresses a memory corruption issue in both systems that could allow a maliciously crafted JPEG file to arbitrarily execute code, as well as a timing side channel issue that affected El Capitan that could leak sensitive user information. (Free. For 10.10.5 Yosemite, 495.2 MB; for 10.11.6 El Capitan,
700.6 MB; security content release notes)
Patches are always welcome, but can someone explain the JPEG?
The "maliciously crafted" bit basically means that the bad guys can create a JPEG file that's "corrupt" in some way that causes Apple's graphics rendering libraries to fail such that code embedded in the corrupt JPEG file is executed.
Thanks for the reply Adam. I just realized you guys have a podcast. I have been a subscriber for a little over a couple years. I enjoy the updates.