When a major new release of an operating system appears, the vendor is typically aware of certain unfixed bugs, and real-world users often run into issues that didn't surface during the testing period. So a .1 update usually arrives a short time later.
OS X El Capitan 10.11 follows that tradition, and version 10.11.1 has made its debut.
Apple's traditionally terse release notes for OS X 10.11.1 say it:
- Improves installer reliability when upgrading to OS X El Capitan
- Improves compatibility with Microsoft Office 2016
- Fixes an issue where outgoing server information may be missing from Mail
- Resolves an issue that prevented display of messages and mailboxes in Mail
- Resolves an issue that prevents certain Audio Unit plug-ins from functioning properly
- Improves VoiceOver reliability
- Adds over 150 new emoji characters with full Unicode 7.0 and 8.0 support
If the update allows Outlook 2016 to function properly on El Capitan, a lot of users will be very happy.
OS X 10.11.1 and Security Update 2015-007 for OS X Mavericks 10.9.5 and OS X Yosemite 10.10.5 provide the usual laundry list of security patches. More than 60 CVEs are addressed by these releases.
Many of them overlap with those covered by iOS 9.1, since OS X, iOS and watchOS have a lot in common.
Many of the vulnerabilities fixed are serious issues that allow arbitrary code execution or other significant attacks.
Among the more interesting vulnerabilities fixed in OS X 10.11.1 and Security Update 2015-007 are a couple of flaws that allowed malicious audio files to execute code if played, an EFI-related issue (also patched by Mac EFI Security Update 2015-002 for Mavericks), problems with the El Capitan Nvidia graphics driver that could be exploited to read kernel memory or execute code with kernel privileges, a libarchive issue that could be used to overwrite arbitrary files, a shortcoming that could be run arbitrary AppleScripts without the user's express consent, and a way of generating synthetic clicks on keychain prompts (thus bypassing the user).
Open source components updated include Apache, Net-SNMP, OpenGL and OpenSSH.
You can read the full list of issues here.
The Safari-related fixes are also available separately as Safari 9.0.1.
The updates are available via the updates section of the Mac App Store.