Security Update 2015-003 for OS X Yosemite Released

Mar 19, 2015 - 10 Comments

OS X Yosemite Security Update 2015-003

Apple has released an important security update for OS X Yosemite users. Labeled as “Security Update 2015-003 1.0, the update is available to all Macs running OS X Yosemite 10.10.2.


The easiest way to install the update is through the Mac Software Update mechanism, accessible from the  Apple menu > App Store > Updates tab.

The update should appear automatically, but refreshing the App Store can be helpful if it does not show up. You may find a recent security update to Safari as well. It is recommended to start a backup with Time Machine before installing. Altenratively, Mac users can download the update directly from Apple, though you’ll want to be sure to pick the proper version (curiously, there’s a general version available and one specific to early 2015 Mac models):

The update is recommended for all OS X Yosemite users to install, as it improves the security of OS X against several potential issues. The update also includes security fixes from the prior Security Update, for those users who have slacked on installing that one for whatever reason.

Specifically, the detailed release notes for Security Update 2015-003 1.0 for OS X Yosemite are as follows:

Security Update 2015-003

• iCloud Keychain
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able to execute arbitrary code
Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-1065 : Andrey Belenko of NowSecure

• IOSurface
Available for: OS X Yosemite v10.10.2
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A type confusion issue existed in IOSurface’s handling of serialized objects. The issue was addressed through additional type checking.
CVE-ID
CVE-2015-1061 : Ian Beer of Google Project Zero

It’s a good idea to always start a back up of a Mac before installing software updates, even small security updates like this.

.

Related articles:

Posted by: Paul Horowitz in Mac OS, News

10 Comments

» Comments RSS Feed

  1. Fret yupangco says:

    Update my iPod touch 6.1.6 to iOS 8

  2. Had enough says:

    My 27′ iMac desktop worked flawlessly when I first bought it. Always was a windows user but once I purchased the iPhone 4 I was hooked . After my SONY Vaio substance 2 bad viruses I had enough. Went to local Apple retail store & spent a lot of $ that I regret now. After spending $1999.99 on iMac, $99.99 on Airport Express, $299.99 on 2TB Airport TC, $ $1999.99 on 15″ iMac Pro w/Retina 2.2 GHz, $449.99 on iPad Air 32GB,, $169.00 on Apple care+ , $349.95 on HighPoint RocketStor 6361A Thunderbolt 2, $69.00 on Magic Trackpad, $579.95 on Ergotron Workfit -A-Sit- stand work station & a ThunderBolt to FireWire adapter $25.00 iTune card . Updated MacBook Pro to O SX 10.2, iMac and iPad to IOS 8. The Mac went out a 2 story window , MacBook has a large hole in screen and iPad cracked in half. But hey it’s only $$ right Apple

    • oMnao says:

      Why did you throw your iMac out of a two story window? And you’re upset with Apple for that? You should call insurance, if you have renters or home owners insurance they may cover your 2 story drop, how on earth did that even happen? Did you push it out or did it fall out a window from your desk? And how did your MacBook get a big hole in the screen, did you shoot it?

      Good lord, you either need to move into a better neighborhood or take better care of your hardware! And get insurance on your $6000+ equipment!

  3. Ilya says:

    After this update my system don’t see old hard drive, only ssd ((((

  4. Sidar Cisneros says:

    I have a Mac book pro mid 2012, after installing the security update my laptop won’t see the router. Any ideas?
    Thanks

    • stan says:

      The same happened also to my macbook pro 2009.
      It seems that apple has messed up with wifi.

      Deleting the saved wifi network and connecting again brought me back online.
      Restarting is not recommended though as ot takes now 1-2 minutes to connect.

      Apple should really write in the release notes what they are going to change so that people know what’s coming…

      • Bunga says:

        Apple broke wireless and hasn’t been able to fix Wi-Fi in OS X Yosemite since breaking it in the first release, 10.10.3 is the same as 10.10.2 in terms of wireless connectivity, which is to say it works for some, and doesn’t work for others. That this is a final product in the hands of customers is amazing to me, paying $1500+ for a computer that can’t connect to the internet.

        If anyone has an answer other than using OS X Mavericks or taking their computer back to Apple and demanding a refund, that would be great. But there isn’t another alternative, wi-fi either works or it doesn’t, Apple has no answer.

    • Upset Mac user says:

      Me too – WONDERFUL A laptop with no wireless courtesy of the manufacturer. WTF!

  5. Bunga says:

    Still nothing for OS X 10.10.3, great

    • Okazaki says:

      Except that 10.10.3 is a beta, so you’re (literally) signing up for a potentially insecure/unstable system.

      And, I’m assuming (because I’m running 10.10.3), it has these fixes implemented already in it.

Leave a Reply

 

Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks

News

iPhone / iPad

Mac

Troubleshooting

Shop on Amazon to help support this site