Skip to main content

Apple's Own Huge Patch Tuesday Fixes OS X, iOS Flaws

At this point, the "Macs don't get malware" myth has been well and truly quashed, but after today, Macs will get a little bit less malware. Apple yesterday (Jan. 27) pushed out dozens of important security updates to its main software products, making it the equivalent of Microsoft and Adobe's monthly Patch Tuesday round of fixes.

The bulk of the patches apply to Apple's OS X Mountain Lion, Mavericks and, especially, Yosemite operating systems, but iOS and Apple TV also got their fair share. Yosemite, iOS and Apple TV each got a version bump.

MORE: Best Antivirus Software and Apps

For those who have an interest in Mac security (and/or superhuman reserves of patience), Security Update 2015-001, which includes the Yosemite version increase to 10.10.2, details more than 50 security fixes for its three most recent desktop operating systems. The fixes flaws run the gamut: everything from Bluetooth vulnerabilities to exploitable code within the deepest levels of the systems' kernels — including the potentially devastating proof-of-concept Thunderstrike bootkit.

The flaws left Macs open to a surprisingly wide variety of attacks. Hackers could have taken remote control of a computer, copied private information to an external hard drive, crashed programs or allowed a guest to masquerade as a system administrator, among other things. The good news is that there is no evidence that any malefactors took advantage of these flaws in the wild.

More than 30 separate flaws were patched in iOS and Apple TV each, with most of the flaws, which made the devices vulnerable to potential remote access or file theft, overlapping between the two platforms. The patches bring iOS to version 8.1.3 and Apple TV to version 7.0.3.

However, the update excludes iPhones older than the 4S and iPads older than the 2. In terms of Apple TV, only 3rd-generation models will receive the new security updates.

The Safari Web browser for the desktop was patched separately from OS X, mending four flaws in the underlying WebKit rendering engine. The Safari update will bring versions of the desktop program to 8.0.3, 7.1.3 and 6.2.3, depending on which operating system users possess (Mountain Lion, Mavericks and Yosemite, respectively). Fixes for the same WebKit flaws were rolled into the larger iOS and Apple TV updates.

All Apple products download security updates automatically, unless you've set yours not to. To ensure you have the latest version, simply check for updates manually in whichever manner your device or program specifies.

Marshall Honorof is a Staff Writer for Tom's Guide. Contact him at mhonorof@tomsguide.com. Follow him @marshallhonorof. Follow us @tomsguide, on Facebook and on Google+.