[MacTUG] Mac OS X security update
Glenn Anderson
anderson at uwaterloo.ca
Fri Sep 2 14:14:05 EDT 2016
Apple has issued security updates for OS X 10.10 Yosemite, OS X 10.11 El Capitan and Safari to address a vulnerability that potentially allows nefarious agents to take over a target device with a single click.
Dubbed "Pegasus," the assault package leverages three zero-day vulnerabilities to remotely jailbreak and install a suite of monitoring software onto a victim's device. One of the key tools in the process is an exploit that takes advantage of a memory corruption flaw in Safari WebKit. The vulnerability allows attackers to deliver the malware payload when a target clicks on a link leading to a malicious webpage.
See http://www.computerworld.com/article/3115800/apple-mac/apple-quashes-3-zero-days-with-emergency-mac-update.html
or Apple at https://support.apple.com/en-us/HT207130
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20160902/cec7dd5c/attachment.html>
More information about the MacTUG
mailing list