For the first time ever, Apple has released an automatic security update for iMacs and Macbooks. The update is designed to patch the recently-discovered security vulnerability CVE-2014-9295, which affects OS X and other Linux and Unix distributions.
Apple spokesperson Bill Evans told Reuters that the update is “seamless” and doesn’t require a system restart.
The security vulnerability was revealed last week by the US Department of Homeland Security and the Carnegie Mellon University Software Engineering Institute. The bug means hackers could exploit a fault in a system’s Network Time Protocol (NTP) for gain access to a computer remotely.
“Apple’s proactive steps to automatically remediate this particular vulnerability shows the need to quickly patch remotely exploitable vulnerabilities,” according to Tripwire security analyst Ken Westin. “However, the use of Apple’s automatic deployment tool is not without risks, as even the simplest update can cause problems for some systems. In this case the update may have been so minor the risk of affecting other applications and processes was minimal.”
Westin advises anyone worried about the auto-update that “If you have a Mac system where an automatic update might introduce a problem — or you are the paranoid type — it can be disabled by going to the Apple Menu > System Preferences > App Store and unchecking Install system data files and security updates.”
Source: CNET
