Apple releases critical security update for OS X NTP services vulnerability

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple on Monday pushed out an update addressing a "critical security issue" for OS X concerning a vulnerability discovered in the Network Time Protocol service, affecting Mac users running OS X Yosemite, Mavericks and Mountain Lion.

According to Apple's Support website, the update targets a number of issues with OS X Network Time Protocol daemon (ntpd) software that allows remote attackers to trigger buffer overflows, which can be leveraged to execute arbitrary code on a target Mac. The Google Security Team made the discovery earlier this month.

Users can verify their ntpd version by opening Terminal and typing what /usr/sbin/ntpd. With the update installed, users should see the following versions:

Mountain Lion: ntp-77.1.1

Mavericks: ntp-88.1.1

Yosemite: ntp-92.5.1

Users can find the update via Software Update or already downloaded if the "Install system data files and security updates" option is checked in the App Store menu of System Preferences.