|David Curry |||Dec 24, 2014 08:39 AM EST|
(Photo : Apple) Apple has pushed its first automatic update for Mac OS X, fixing a bug the Network Time Protocol.
Apple has pushed its first automatic update to Mac OS X users, after Google researchers reported a serious bug on the Network Time Protocol (NTP).
The bug, named CVE-2014-9295, allows an attacker to send a malicious packet to a vulnerable version of NTP, gaining the same privileges as an authorized version of NTP.
Like Us on Facebook
The privileges given to the NTP would allow a hacker to run malicious code remotely on a computer or server, capable of taking over the machine or system.
Google researchers spotted the flaw a week ago, and while Apple claims no exploits have been spotted on Mac OS X, the automatic update shows the seriousness of the flaw, if a hacker creates an exploit.
NTP is the global standard for internet-time, and syncs up all times from around the globe to under a second. Microsoft and other platform owners should also update their systems, to make sure no vulnerabilities are attacked.
Apple changed its terms of service on OS X two years ago, allowing it to send automatic updates, this is the first time Apple has used this privilege.
OS X Mountain Lion, Mavericks and Yosemite received the automatic update, any Mac users on older versions will still run the risk of vulnerabilities on NTP, and may not be able to update.
Unlike Microsoft, Apple has most of its Mac users on the latest OS X update. In 2013, Apple made Mac OS X updates free for all Mac owners, drawing in millions of users who would have not updated their OS.
It is not the first internet-standard to have flaws exposed in 2014, SSL (Secure Socket Layers) also fell to a malicious bug, codenamed 'HeartBleed', allowing hackers to bypass SSL security on the web.
Google set up its own research group a few months ago, to make sure these issues would be taken care of, before hackers found the vulnerabilities.
©2015 Chinatopix All rights reserved. Do not reproduce without permission
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
Elephone P9000 Smartphone is now on Sale on Amazon India
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?
6 Year-Old-Boy Trapped in 40-Metre-Deep Well for 3rd Day