“Apple squashed 30 security holes in macOS Sierra with the release of macOS 10.12.5 on Monday,” Bryan Chaffin reports for The Mac Observer. “The company’s security notes indicate the update addressed a wide variety of issues in its Mac operating system, many of which are serious.”
“Flaws would have allowed the bad guys to capture network credentials, gain root control of your Mac, or read data stored in memory that is supposed to be protected,” Chaffin reports. “These patches were included in macOS 10.12.5, but Apple also released standalone security updates for El Capitan and Yosemite:”
More info and download links:
• Security Update 2017-002 El Capitan
• Security Update 2017-002 Yosemite
Full list of fixes here.
MacDailyNews Take: The Mac gets even more secure!
SEE ALSO:
Apple releases macOS Sierra 10.12.5 – May 15, 2017
OK, then how many in El Capitan?
Don’t know but there was a security update for El Capitan.
13 CVEs for El Capitan patched.
Apple has released their security content document for the updates here:
https://support.apple.com/en-us/HT207797
Oops. Make that 15 as there was a triple patch of WindowServer.
Thirty? That’s a lot !!! but well…now taken care of..
Recently, Apple has been providing A LOT of security patches, You can read through the lists here:
https://support.apple.com/en-us/HT201222
It’s lousy that modern software coding these days is still incredibly crap, resulting in multitudes of security holes.
On the other hand, Apple has been increasingly more serious about software security since the bad old days of circa 2007-2009. As a result, macOS and iOS continue to be two of the safest operating systems available, in the traditions of all BSD Unix OSes. Just don’t expect coding perfection, ever! No smugness allowed!
…Well, except for the occasional schadenfreude regarding Windows and Android security. Good gawd what a mess!
Perhaps MDN should be more circumspect when trashing Microsoft for security updates that it made. Are you certain such a ransomware attack on an XP would not have worked just as well against an unpatched version of OSX from the same era? Does Apple patch OSes from over a decade ago?
One thing we know for sure. If there is a clear security advantage of Macs versus Windows as we are led to believe by the Mac press, Timid Tim won’t advertise it.
Based on the number of bugs and patches in the last several versions, I seriously question whether Apple has a significant lead in security anymore. At hacking conventions, Macs are cracked just like PCs are.
Does Apple patch OSes from over a decade ago?
No company should have to! If you read details of the ongoing PWNing and Ransoming of businesses around the planet, you’ll find that a lot of them have, despite all sanity, refused to update their computer systems going back as far as Windows XP. That SPECIFIC blundering is why Microsoft has just provided a public patch for Windows XP that stops exploitation of the current security hole.
Also note: Microsoft patched this security hole back in MARCH for Window 7, 8 and 10. And yet, lazy ass IT personnel hadn’t yet bothered to update before this worldwide Ransomware holocaust began.
Another factor: There are thousands of bootlegged copies of Windows installed around the planet, none of which cannot be updated without triggering an alarm at Microsoft.
As I pointed out in a comment above, here in The Dark Age of Computing, you can count on all coding to be crap, resulting in guaranteed security holes. And yet, for whatever reasons you choose, both macOS and iOS continue to be two of the safest operating systems available, as with the rest of BSD Unix OSes.
Just imagine if all these hundreds of thousands of PWNed and Ransomed computers had been running up-to-date macOS. Would this holocaust have happened? It’s interesting to wonder. Considering the fewer rarity of macOS malware compared to Windows and/or Android, I seriously doubt it.
But no snickering please! 30 security patches points out that there’s nothing perfect about macOS or any other OS for that matter.
Well said.
My own patch: “none of which CAN be updated…”
41 CVE security patches in iOS 10.3.2. WebKit wins with the most at 18.
https://support.apple.com/en-us/HT207798
26 CVE security patches in Safari 10.1.1. Most are WebKit patches.
https://support.apple.com/en-us/HT207804
Did they fix the SMB bug that slows server access?
This sounds more like MS than Apple, what happened to the precious walled garden? The snakes got in….LOL