Security Market Segment LS
Thursday, 22 October 2015 06:54

Apple delivers OS X 10.11.1 and more Mac security fixes


Apple has released OS X 10.11.1 - 'El Capitan take two' - along with corresponding security fixes for Macs running recent versions of OS X.

When a major new release of an operating system appears, the vendor is typically aware of certain unfixed bugs, and real-world users often run into issues that didn't surface during the testing period. So a .1 update usually arrives a short time later.

OS X El Capitan 10.11 follows that tradition, and version 10.11.1 has made its debut.

Apple's traditionally terse release notes for OS X 10.11.1 say it:

  • Improves installer reliability when upgrading to OS X El Capitan
  • Improves compatibility with Microsoft Office 2016
  • Fixes an issue where outgoing server information may be missing from Mail
  • Resolves an issue that prevented display of messages and mailboxes in Mail
  • Resolves an issue that prevents certain Audio Unit plug-ins from functioning properly
  • Improves VoiceOver reliability
  • Adds over 150 new emoji characters with full Unicode 7.0 and 8.0 support

If the update allows Outlook 2016 to function properly on El Capitan, a lot of users will be very happy.

OS X 10.11.1 and Security Update 2015-007 for OS X Mavericks 10.9.5 and OS X Yosemite 10.10.5 provide the usual laundry list of security patches. More than 60 CVEs are addressed by these releases.

Many of them overlap with those covered by iOS 9.1, since OS X, iOS and watchOS have a lot in common.

Many of the vulnerabilities fixed are serious issues that allow arbitrary code execution or other significant attacks.

Among the more interesting vulnerabilities fixed in OS X 10.11.1 and Security Update 2015-007 are a couple of flaws that allowed malicious audio files to execute code if played, an EFI-related issue (also patched by Mac EFI Security Update 2015-002 for Mavericks), problems with the El Capitan Nvidia graphics driver that could be exploited to read kernel memory or execute code with kernel privileges, a libarchive issue that could be used to overwrite arbitrary files, a shortcoming that could be run arbitrary AppleScripts without the user's express consent, and a way of generating synthetic clicks on keychain prompts (thus bypassing the user).

Open source components updated include Apache, Net-SNMP, OpenGL and OpenSSH.

You can read the full list of issues here.

The Safari-related fixes are also available separately as Safari 9.0.1.

The updates are available via the updates section of the Mac App Store.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News