Apple Pushes Out First Mandatory OS X Update

Tom's Guide / Jill Scharr

Updated December 23, 2014 at 2:10 AM

Apple Pushes Out First Mandatory OS X Update

Yesterday (Dec. 22), Apple pushed its first mandatory update for OS X: a patch for a serious bug in the Internet-standard Network Time Protocol. Attackers could exploit the flaw to remotely run code on someone else's computer or server, effectively seizing control.

Until now, Mac owners have always had to agree to each update before it was installed. Yesterday was the first instance in which Apple used its ability to send out mandatory software updates. This particular patch doesn't require a computer restart.

MORE: Best Mac Antivirus Software

Network Time Protocol (NTP), first defined in 1985, is a protocol for syncing time on networked machines all across the world. It's used in most computers and servers, not only in Apple's OS X systems.

The flaw in question, officially designated CVE-2014-9295, has to do with a buffer-overflow issue. An attacker could send a specially crafted malicious packet to a computer with a vulnerable version of NTP, and that packet would be able to run its malicious code with the same privileges as a legitimate NTP packet.

Exploits for this newly discovered NTP flaw do exist, but Apple says it has not detected any instances of people exploiting the flaws on an OS X system.

Nevertheless, after the flaw was disclosed by Google researchers last week, Apple decided to push out the security update for OS X Mountain Lion, Mavericks and Yosemite in such a way that users wouldn't have to manually approve it for it to download. Apple gave itself the ability to push out mandatory updates two years ago.

If you really don't like the idea of Apple pushing automatic updates to your computer, you can disable the feature by going to the Apple Menu, then System Preferences, then the App Store. Uncheck "Install system data files and security updates."

Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+. Follow us @tomsguide, onFacebook and on Google+.

Engadget
Pornhub to leave five more states over age-verification laws
Pornhub will block access to its site in five more states in the coming weeks.
Yahoo Sports
NFL offseason power rankings: No. 30 Denver Broncos are a mess Sean Payton signed up for
The Broncos are still reeling from the Russell Wilson trade.
Yahoo Sports
NFL teams in the worst shape for 2024 | The Exempt List
On today's episode, Charles McDonald is joined by Frank Schwab to predict how the worst six teams in the NFL will fare in 2024.
Yahoo Sports
Tiger Woods' son Charlie wins USGA qualifier to play in U.S. Junior Amateur championship
Charlie, 15, is the same age his father was when Tiger won the first of this three straight U.S. Junior Amateur championships in 1991.
Yahoo Sports
Ravens reveal their one-game-only 'Purple Rising' helmet, which should be worn full time
These helmets are too cool to keep locked up for 51 weeks a year.
Autoblog
Dealer says he sold LeBron James a Bugatti. LeBron replies: 'LIARS!'
A California high-end car dealership “congratulated” NBA legend LeBron James for all to see on Instagram about his "purchase." LeBron James begs to differ.
Autoblog
The 10 cheapest vehicles to own and operate over 5 years
MarketWatch's latest study calculated the depreciation and running costs of new vehicles, finding that some more than doubled the expenses of others.
Yahoo Sports
Urban Meyer just served Ryan Day and Ohio State a big helping of rat poison
National title or bust is a brutal standard, but that will be the expectation this season at Ohio State.
Autoblog
2025 BMW X3 debuts bold new design, even bolder interior for next generation
BMW’s bread-and-butter model, the next-gen 2025 BMW X3, is officially out.
Yahoo Personal Finance
How much money should you keep in your checking account?
Every bank customer likely wonders: “How much money should I keep in my checking account?” And the answer might surprise you. Here’s how much you should really keep in a checking account.
Yahoo Sports
Sparks star rookie Cameron Brink carried off court with knee injury vs. Sun
Brink grabbed her knee in pain after falling to the court and needed the help of trainers to carry her from the court.
Yahoo Sports
Astros place Justin Verlander on IL in another blow to injured rotation
Verlander will lose a $35 million player option and become a free agent this offseason if he falls short of an innings threshold.
Yahoo Sports
Top Yankees prospect Jasson Domínguez returns to IL due to oblique injury weeks after return from Tommy John surgery
Domínguez made a splash in his 2023 MLB debut, with four home runs in eight games before being sidelined due to a UCL tear.
Yahoo Sports
Men's College World Series 2024 Day 2: Kentucky delivers another walk-off, Texas A&M wins after midnight
Day 2 of the 2024 College World Series ended at 1:13 a.m. local time.
Yahoo Sports
Lashinda Demus will get her Olympic gold medal ... 12 years later
Demus will receive her gold medal at a ceremony at the foot of the Eiffel Tower during the 2024 Summer Olympics.
Yahoo Sports
Belmont Stakes: Jayson Werth says his horse's win feels as good as World Series title
Werth bought a 10% stake in Dornoch in 2022.
Yahoo Sports
Best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Ranking all MLB City Connect jerseys, from the Dodgers at No. 28 to the Marlins at No. 1
With every participating team having released their set, let's rank and grade them all.
Yahoo Finance
AI enthusiasm prompts 3 Wall Street banks to raise stock market forecasts
AI-driven earnings growth has strategists feeling even more bullish about stock returns this year.
Yahoo Sports
Best fantasy football quarterbacks for 2024, according to our experts
The Yahoo Fantasy football analysts reveal their first quarterback rankings for the 2024 NFL season.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Apple Pushes Out First Mandatory OS X Update

Recommended Stories

Pornhub to leave five more states over age-verification laws

NFL offseason power rankings: No. 30 Denver Broncos are a mess Sean Payton signed up for

NFL teams in the worst shape for 2024 | The Exempt List

Tiger Woods' son Charlie wins USGA qualifier to play in U.S. Junior Amateur championship

Ravens reveal their one-game-only 'Purple Rising' helmet, which should be worn full time

Dealer says he sold LeBron James a Bugatti. LeBron replies: 'LIARS!'

The 10 cheapest vehicles to own and operate over 5 years

Urban Meyer just served Ryan Day and Ohio State a big helping of rat poison

2025 BMW X3 debuts bold new design, even bolder interior for next generation

How much money should you keep in your checking account?

Sparks star rookie Cameron Brink carried off court with knee injury vs. Sun

Astros place Justin Verlander on IL in another blow to injured rotation

Top Yankees prospect Jasson Domínguez returns to IL due to oblique injury weeks after return from Tommy John surgery

Men's College World Series 2024 Day 2: Kentucky delivers another walk-off, Texas A&M wins after midnight

Lashinda Demus will get her Olympic gold medal ... 12 years later

Belmont Stakes: Jayson Werth says his horse's win feels as good as World Series title

Best RBs for 2024 fantasy football, according to our experts

Ranking all MLB City Connect jerseys, from the Dodgers at No. 28 to the Marlins at No. 1

AI enthusiasm prompts 3 Wall Street banks to raise stock market forecasts

Best fantasy football quarterbacks for 2024, according to our experts