Apple Releases dozens of Security Updates to Fix OS X and iOS Flaws

Apple has released updates to patch dozens of security vulnerabilities in iOS and OS X Yosemite operating system.

The updates include iOS 8.4 version of the mobile operating system, OS X Yosemite 10.10.4 and Security Update 2015-005.

The iOS 8.4 update includes patches for over 20 security vulnerabilities that could lead to remote code execution (RCE), application termination, the intercepted encrypted traffic, man-in-the-middle attacks and other problem.

Certificate trust policy issues, buffer overflow vulnerabilities, apache compatibility issues, memory corruption flaws, and a host of WebKit, kernel, and CoreText vulnerabilities were also patched in the latest iOS update.

OS X Yosemite 10.10.4 update

The OS X Yosemite 10.10.4 update includes patches for QuickTime, ImageIO, and OpenSSL along with Remote Code Execution (RCE) flaws and other issues that may allow attackers to gain elevated privileges or crash applications.

The Safari 8.0.7 update patches four vulnerabilities in the WebKit browser engine that could allow an attacker to remotely execute code, view WebSQL databases, steal account information and pilfer cookie information from a targeted Mac.

Logjam Issue Resolved

The iPad and iPhone update also addresses the Logjam flaw, a cryptographic weakness in algorithms used by the "Diffie-Hellman key exchange" that allows protocols like HTTPS, SSH, SMTPS, IPsec to negotiate a secret key and create secure communication channels.

Mac owners are recommended to grab the OS X Yosemite version 10.10.4 and the latest Security Update 2015-005 now. It advisory details the same patches for many issues present in iOS as well as many additional vulnerabilities.

Update Now

Mac OS X users can download and install the updates through the Software Update tool. iPhone and iPad users can grab the update through the "General" tab in the Settings app and then click the Software Update tab to continue.