On the 8th and 11th of December Apple released numerous security updates for the following products:
- Apple iOS 9.2: For iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
- Apple tvOS 9.1: For Apple TV (4th generation)
- Apple OS X: For OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 (2 updates), OS X El Capitan v10.11 and v10.11.1
- Apple watchOS v2.1: For Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
- Apple Safari 9.0.2: For OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1
- Apple Xcode 7.2: For OS X Yosemite v10.10.5 or later
- Apple iTunes 12.3.2: For Windows 7 and later
Comprehensive details of all of these updates are provided on Apple’s Security Updates page.
If you wish to prioritize these updates I would suggest beginning with installing the updates for iOS, OS X, watchOS and tvOS as well as Safari due to the number and severity of the issues they address (the most serious resulting in an attacker having the ability to run code of their choice (remote code execution) with kernel or system level privileges).
Noteworthy fixes included are as follows:
Apple iOS 9.2: Resolves 51 CVEs (defined) and includes fixes for AppleMobileFileIntegrity, CoreGraphics, GPUTools Framework, ImageIO, iOS Kernel, libc, MobileStorageMounter, iOS Safari and WebKit (among others)
Apple OS X and Security Update 2015-006 Yosemite: Resolves 55 CVEs which includes fixes for apache_mod_php, AppSandbox, Bluetooth, , CoreGraphics, CoreMedia Playback, EFI, Intel Graphics Driver, OS X kernel, libc, OpenGL, OpenSSH and System Integrity Protection (among others).
Apple tvOS 9.1: Resolves 45 CVEs including security issues within AppleMobileFileIntegrity, CoreGraphics, CoreMedia Playback, ImageIO, tvOS kernel, libc, MobileStorageMounter, OpenGL and WebKit (among others).
Apple watchOS 2.1: Resolves 30 CVEs within components such as AppSandbox, CoreGraphics, CoreMedia Playback, FontParser, GasGauge, ImageIO, watchOS kernel, libc, OpenGL and Sandbox (among others).
Apple Safari 9.0.2: Resolves 12 CVEs all within WebKit (the renderer of Safari).
Apple Xcode 7.2: Resolves 4 CVEs. The most serious of which were present within the otools component of Xcode.
Apple iTunes 12.3.2: Resolves 12 CVEs: all within WebKit. This updates applies to the Windows version of iTunes only.
If you use any of the above software, please install the appropriate updates as soon as possible.
As a routine precaution I would recommend backing up the data on any device for which you are installing updates (preferably to an external storage device that can easily be accessed by you) in order to prevent data loss in the rare event that any update causes unexpected issues.