Friday, January 2, 2015

Apple first auto-patch for NTP flaw

For the first time, Apple has released an auto update to fix a critical security flaw that targets the Network Time Protocol in Mac OS X clock systems. The reason for releasing auto update is due to easily exploited by attackers remotely. According to National Institute of Standards and Technology, it is covered under CVE-2014-9295 that allows remote attackers to execute arbitrary code or cause a buffer overflow. The patch is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 and OS X Yosemite v10.10.1. <more>

No comments: