Apple just released a new security update in which fix a bug which was present in the latest operating systems released by the company, for this reason both OS X 10.10.1 Yosemite, OS X 10.9.5 Mavericks and OS X 10.8.5 Mountain Lion have been affected.
Specifically, it is a security flaw in the NTP protocol (Network Time Protocol) that would automatically synchronize the system time with that of Apple's servers where a remote attacker could execute arbitrary code
In this case, there were several problems that affected this ntpd daemon, which would have allowed an attacker to cause buffer overflows. This bug has been discovered through improved error checking.
Something that a priori seems as harmless as the time synchronization protocol used between the servers and the Mac, it would be the method by which said attacker could access the computer. However, we have seen how Apple has reacted quickly to this warning given by Stephen Roettger of the Google security team, to cover the security flaw.
Although this update is available for the versions I mentioned before, we can still check version of ntpd that we have installed, for this we will write the following command in Terminal: what / usr / sbin / ntpd.
This update would apply the following versions:
- Mountain Lion: ntp-77.1.1
- Mavericks:ntp-88.1.1
- Yosemite: ntp-92.5.1
To download it, simply access the updates tab of the Mac App Store. This update with a weight of 1,4 Mb is quite critical due to the risk that it entails, so obviously it can be considered practically a mandatory installation.
