Apple has issued Security Update 2016-002 for OS X 10.9 Mavericks and 10.10 Yosemite with a few security fixes that cross over from the concurrently released 10.11.4 El Capitan (see “OS X 10.11.4 Improves Notes, iBooks, and Live Photo Support,” 21 March 2016). The update patches an Apache-related vulnerability associated with processing a maliciously crafted .png file that could lead to arbitrary code execution, multiple memory corruption issues related to XML, and an issue with OpenSSH that could expose an information leak and a buffer overflow. (Free. For 10.9.5 Mavericks, 370.8 MB; for 10.10.5 Yosemite, 462.1 MB)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 29 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.