![\"Security](\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2015\/03\/Security-Update-2015-003.png\")
<\/a><\/p>\nApple’s security\u00a0notice describes the patched vulnerabilities as follows:<\/p>\n
- \n
- CVE-2015-1065<\/a> :\u00a0An attacker with a privileged network position may be able to execute arbitrary code. Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.<\/li>\n
- CVE-2015-1061<\/a> : A malicious application may be able to execute arbitrary code with system privileges. A type confusion issue existed in IOSurface’s handling of serialized objects. The issue was addressed through additional type checking.<\/li>\n<\/ul>\n
OS X Yosemite\u00a0users can update through Apple\u2019s Software Update tool by choosing\u00a0Apple menu<\/strong>\u00a0>\u00a0Software Update<\/strong>\u00a0when you’re ready to install, or you can go directly to Apple’s support page to download the updates from there.<\/p>\n
- \n
- Security Update 2015-003 Yosemite<\/a><\/li>\n
- Security Update 2015-003 Yosemite (Early 2015 Mac)<\/a><\/li>\n<\/ul>\n
Note that Security Update 2015-003 also includes the content of Security Update 2015-002, which offered\u00a0patches\u00a0for the FREAK vulnerability\u00a0for OS X, Apple TV and iOS<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
Apple has patched two security bugs\u00a0(CVEs) in OS X Yosemite today with the\u00a0release of Security Update 2015-003. The security update addresses flaws\u00a0in iCloud Keychain in Apple OS X through 10.10.2, as well as other\u00a0flaws related to arbitrary code execution affecting\u00a0IOSurface. Security Update 2015-003 is available for OS X Yosemite 10.10.2. Apple’s security\u00a0notice describes the patched […]<\/p>\n","protected":false},"author":4,"featured_media":8813,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[3151,1561,2077],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\n
- Security Update 2015-003 Yosemite (Early 2015 Mac)<\/a><\/li>\n<\/ul>\n
- CVE-2015-1061<\/a> : A malicious application may be able to execute arbitrary code with system privileges. A type confusion issue existed in IOSurface’s handling of serialized objects. The issue was addressed through additional type checking.<\/li>\n<\/ul>\n