Apple just released an update to OS X Yosemite and El Capitan to take care of some stingy security flaws that resemble similar vulnerabilities identified and patched in iOS 9.3.5.
The iOS 9.3.5 comes to fix three security flaws found by the cyber experts at Lookout. The vulnerabilities permitted hackers to access information from an Apple mobile device, such as location, texts, contacts, emails and calls. What is worse, the liabilities made it easy for malicious users to switch the device's microphone on.
Apple also notified its OS X users in a security update that it fixed a vulnerability that permitted an app to execute arbitrary code with kernel privileges.
In order to make sure all loops are closed, the company also updated its proprietary Safari 9 browser. Existing information indicates that hackers got access via a memory corruption flaw in WebKit.
Two additional kernel security flaws would give a hacker jailbreaking possibility, which meant that the hacker was then able to discreetly install malware in order to keep tabs on the unsuspecting user.
In August, Citizen Lab said in a blog post that an operation was discovered, where security services of the United Arab Emirates used exploits to turn an iPhone into a "sophisticated bugging device." Human rights activists should know that the handset belonged to famous human rights defender, Ahmed Mansoor.
Mansoor received an SMS message that contained a suspicious link that, should he had clicked on, would have embedded malware into his iPhone's kernel. Basically, such links are jailbreaking the smartphone without the consent of the device's owner. Mansoor avoided clicking the link and thus maintained his phone safe from tracking.
Apple delivered security updates to address the problems 10 days after Lookout and Citizen Lab reported on the iOS issues. The company is currently outing Mac and Safari updates, only six days after fixes landed on the mobile operating system. Nearly identical vulnerabilities appeared in OS X, because the desktop and mobile Safari variants share a big chunk of the source code.
You might want to go to the Mac App Store and download the updates manually or wait until you get a notification of their availability.
Last month, Apple pushed out the sixth public and seventh developer previews of macOS Sierra, in an effort to polish the rough edges of the OS before it finally delivers the live version this fall. Based on previous experiences, the latest OS will feature all the security updates from previous versions, and more.