NTP Critical Security Update for OS X Released by Apple, All Mac Users Should Install Now

Dec 22, 2014 - 16 Comments

Security Apple has issued a critical security update to OS X users aimed at patching an exploit with the network time protocol on most Macs. The update is labeled urgently as “Install this update as soon as possible” rather than a traditional name, perhaps indicating the importance of patching the unspecified issue with the Macs NTP.

All Mac users should heed the advice from Apple and take a moment to install the security patch.

Mac users running OS X Yosemite (10.10), OS X Mavericks (10.9), and OS X Mountain Lion (10.8) will find the update available now in the Software Update mechanism of OS X, accessible from the  Apple menu and by choosing “Software Update”, the update is only 1.4MB and installs very quickly. Note that if you have automatic updates enabled for system software and security updates, the NTP was possibly installed already for you, but it’s worth checking manually anyway.

The release notes for the security update say: “This update addresses a critical security issue with the software that provides the Network Time Protocol service on OS X, and is recommended for all users”

Security update network time server for OS X

Apple has reportedly started to automatically push the update to Mac users, according to Reuters. Those who are not sure if they have installed the update can manually check what version of NTP is installed on their Mac by issuing the following command at the Terminal:

what /usr/sbin/ntpd

Apple discusses the NTP fix here, noting the updated versions will be the following as reported by the ‘what’ command:

Mountain Lion: ntp-77.1.1

Mavericks: ntp-88.1.1

Yosemite: ntp-92.5.1

Assuming the version reported back is the same as those, the NTP patch has been installed. Some users may have seen the following notification on their Mac desktop, which indicates the patch installed itself:


Though the specific issue with Network Time Protocol (NTP) is not mentioned in the update release notes, the security update for OS X likely pertains to this remote code execution flaw in NTP that was recently discovered by Google employees.

Users should not need to reboot their Macs for any changes to take effect.

This is not necessary, but a geeky extra for those who are curious, users can manually restart the NTP server by unchecking and rechecking the “Set date and time automatically” button within the Date & Time preference panel of OS X, using ntpdate at the command line, or by killing the “com.apple.preference.datetime.remoteservice” process and reloading the Date & Time system preference panel.


Related articles:

Posted by: Paul Horowitz in Mac OS, News, Security


» Comments RSS Feed

  1. Patrick Mele says:

    I used this terminal comand- what /usr/sbin/ntpd

    to see if infact the update was done via the Mac app store and to my surprise it wasn’t therefore I installed it manually and the command- what /usr/sbin/ntpd worked and showed the following- ntp 92.5.1. Why Apple update failed is beond me! Better safe than sorry! Thanks OSX Daily for the heads up!

  2. Ned says:

    What about Snow Leopard? Vulnerable?

  3. Parker Schnabel says:

    After I installed this update, a map popped up on my phone. I followed the X marks the spot in my front yard. I dug down 2 feet where it told me to and found a 5 pound gold nugget!

  4. Jeff_59 says:


  5. john says:


    When I installed this update it also fixed the well known wi-fi issue (the one that 10.10.1 was supposed to fix)

    Has this worked for anyone else?

    I can now connect to my wireless router.

  6. John says:

    Interestingly, Apple’s patch didn’t change the version of ntpd: it still shows as v4.2.6 ($ ntpd –version), even after restarting the process or the entire machine.

    But Apple’s method of verifying the update (from their Security Update page at http://support.apple.com/en-us/HT6601) does verify that the update took place ($ what /usr/sbin/ntpd). Not sure why they didn’t update the version number….that’s going to be confusing.

  7. Jennifer says:

    I found it right away. Thanks for the heads-up!

  8. LeeBee says:

    Yep, same for me, although I did spot a little notification saying it had been installed automatically. Normally I would go into software updates and start the install manually.

  9. Lout says:

    very strange. just after I posted, I saw a message flash by saying a security update had been installed. However when I went to updates, it does not show in the list of recently installed updates.

    Does Apple auto install updates that are not listed?

    • Ben says:

      I got the same message about 10 minutes ago. No record of what was installed other than the notification dialog.

      Must be a pretty serious vulnerability.

    • Margaret says:

      App Store doesn’t list this update on my machine, either. I saw the message flash by this morning, butt here was no way to figure out if it was actually installed or even if it was legit.

      Terrible security here. If Apple wants people’s systems to be secure, they need to do a much better job of explaining what the patch is and who initiated it and if it actually installed properly. Instead, this ham-fisted method is just going to confuse my clients and reinforce the idea that ordinary people have no hope of understanding computer security.

  10. Lout says:

    same here: this update is not show using either method.

  11. Mike says:

    Same here, went to software update and no updates shown.

  12. Charlie Johnson says:

    I just went to the App Store and this update is not shown. Comments?

Leave a Reply


Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks


iPhone / iPad



Shop on Amazon to help support this site