Apple Releases Security Updates for OS X Server, iOS, iTunes and Xcode

Yesterday Apple made available a large collection of security updates for the following list of products:

  • Apple OS X Server: OS X Yosemite (10.10.5 or later)
  • Apple iTunes (for Windows 7 and later)
  • Apple Xcode 7.0 (for OS X Yosemite v10.10.4 or later)
  • Apple iOS 9: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

Full details on all updates are available on Apple’s Security Updates page. I would suggest prioritizing the installation of the updates for iOS, OS X Server and iTunes since they resolve the largest number of CVEs (defined) and address serious security issues in OS X Server.

Noteworthy fixes included are as follows:
Apple Xcode 7.0: Includes fixes for 10 CVEs (which includes 4 issues in OpenSSL, 2 in subversion (svn) and 1 in the API of the Apache configuration).

Apple iTunes 12.3: Includes fixes for 66 CVEs (includes 7 critical issues with CoreText, 2 issues in ICU and 55 critical issues in WebKit (the renderer within iTunes)).

OS X Server: Addresses 20 CVEs (which includes critical issues resolved within PostgreSQL).

Apple iOS 9: Includes fixes for Apple Pay, CoreCrypto, CoreText, iOS kernel, libc, libpthread, Safari, OpenSSL, Siri and WebKit (among others) (101 CVEs addressed in total with a further 5 issues not assigned a CVE at this time).

If you use any of the above software, please install the appropriate updates as soon as possible. As a routine precaution I would recommend backing up the data on any device for which you are installing updates (preferably to an external storage device that can easily be accessed by you) in order to prevent data loss in the rare event that any update causes unexpected issues.

Please see these links from Apple for advice on backing up your iPhone and iPad especially since the iOS upgrade is a significant one.

Further details of the features/improvements incorporated into iOS 9 are located here, here and here.

For advice on how to install updates for Apple devices, please see the steps detailed at the end of this Sophos blog post as well as this link (from my “Protecting Your PC” page).

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s