Apple to rush out first ever automatic security update

By on
Apple to rush out first ever automatic security update

Apple has issued its first ever automatic security update in order to patch a critical flaw in its Mac OS X operating system.

The vulnerability, which was publicised by the US Department of Homeland Security last week, affected the Network Time Protocol (NTP) element of Apple's operating system and could allow a hacker to take control of a victim's computer using a remote code execution attack.

According to the published warning, exploits for the vulnerability are already available and in use, and it wouldn't require much skill for an attacker to take advantage of the hole.

Unlike Microsoft, Apple doesn't have a regular security update cycle, and pushes out patches as and when they're ready. However, applying them to a computer normally requires user intervention of some kind, from scanning for updates to giving permission for them to be installed.

On this occasion, however, Apple is using an automatic update function it introduced two years ago but had gone unused until now.

Bill Evans, a spokesman for Apple, told Reuters the organisation had finally decided to make use of this tool as it "wanted to protect customers as quickly as possible due to the severity of the vulnerabilities".

"The update is seamless, it doesn't even require a restart," said Evans.

Apple isn't the only firm whose software could be affected by this vulnerability, however. NTP, which synchronises clocks between two communicating computers, is one of the oldest protocols out there, having existed since the mid-80s, but is still very widely used. As well as Mac OS, all currently supported versions of Windows use NTP.

This article originally appeared at pcpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © Alphr, Dennis Publishing
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

5G phones have arrived. How long until you buy one?
OMG right now this minute shut up and take my money
About six months from now, once network coverage improves
About a year from now, once I have a few handsets to choose from
Maybe never - I don't think I'll need a faster phone
Never - You'll have to take my Nokia 3210 from my cold, dead hands
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?