This article originally appeared in TidBITS on 2017-11-01 at 11:40 p.m.
The permanent URL for this article is: http://tidbits.com/article/17610
Include images: Off

Security Update 2017-001 (Sierra) and Security Update 2017-004 (El Capitan)

by Agen G. N. Schmitz

Apple has released Security Update 2017-001 macOS Sierra and Security Update 2017-004 OS X v10.11.6 El Capitan, patching security vulnerabilities that the company addressed in macOS 10.13.1 High Sierra (see “macOS 10.13.1 High Sierra Offers Minor Fixes and More Emoji [1],” 1 November 2017), as well as many other security breaches in the two older operating systems. The security updates include fixes for the KRACK exploits (see “Wi-Fi Security Flaw Not As Bad As It’s KRACKed Up To Be [2],” 17 October 2017), patch multiple memory corruption issues that could lead to arbitrary code execution with kernel privileges, improve input sanitization to prevent an application from reading restricted memory, address multiple issues in Apache, and more. Apple recommends these updates for all users. (Free. For 10.12.6 Sierra [3], 768.3 MB; for 10.11.6 El Capitan [4], 853.6 MB; security content release notes [5])

[1]: http://tidbits.com/article/17608
[2]: http://tidbits.com/article/17572
[3]: https://support.apple.com/kb/DL1940
[4]: https://support.apple.com/kb/DL1939
[5]: https://support.apple.com/en-us/HT208221