Apple has released a ton of security patches for multiple systems including OS X Moutain Lion, Mavericks and Yosemite.  There are also updates for OS X Server and a fix for iTunes that applies to all versions of Windows later than XP. 

The Mountain Lion and Mavericks flaws could allow an attacker to decrypt encrypted data – this flaw is known as the Shellshock BashBug as well as the POODLE flaw.

Yosemite gets the most fixes, more than 40 security issues are addressed in this update including a flaw that can allow an attacker to obtain WiFi credentials. Hackers could also determine the network addresses of your system, execute a denial of service attack and even use malicious Bluetooth devices to get on to your system.

Another flaw causes systems  to sometimes forgetting to ask for passwords after they’ve been asleep.  There were multiple vulnerabilities that allowed attackers to execute arbitrary code and gain system privileges. Also on the list, a flaw in QuickTime where a malicious M4A file could execute arbitrary code. Flaws like this have caused issues with Windows and Flash Player before, but Apple users have always considered themselves to be more secure.

Mac users felt it was because the OS was more secure than Windows, but critics say it was  a numbers game, fewer users run the Mac OS, Windows has 90% of the PC market share. Hackers had less incentive to attack Macs. But the growth in popularity of iPads and iPhones make Apple products a more attractive target, because the desktop or laptop computer can be a way to get to the iCloud.

Unlike Windows users, Mac users generally don’t have additional security software running on their computers. Apple handles vulnerabilities differently that Microsoft. Microsoft will usually warn users when flaw is detected and then later issue a patch. Mac does not disclose or confirm security issues until they have the necessary patches available.  Microsoft schedules a regular monthly release of updates known as Patch Tuesday.

When Microsoft stopped XP security support, they made a huge deal over the end of support. Apple tends to just stop releasing updates. Apple doesn’t have an official support policy like Microsoft’s 10 years from the date of release rule – sometimes they will offer patches for older operating systems and sometimes not. Most often you won’t see patches for anything prior to 2012’s Mountain Lion.

Just as with Windows, you’ll want to make sure you regularly install updates. That also holds true for users of Linux operating systems. You need to check in and see if there are updates available for you particular version. 

No system is safe from malicious attacks.

~ Cynthia