AMITIAE - Tuesday 23 December 2014

Cassandra: OS X NTP Security Update - ntpd

apple and chopsticks


By Graham K. Rogers


Apple has released an important Security Update for OS X (Mountain Lion, Mavericks, Yosemite) for a vulnerability that could allow a remote attacker to "execute arbitrary code". The description of this on the Apple Support Document HT6601 informs users that "Several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. These issues were addressed through improved error checking."

I found in the App Store (Downloads) that this update had been installed automatically as I allow this in System Preferences > App Store. If this is not permitted, it is strongly recommended (by several sources) that this is downloaded right away: check in the App Store, Downloads section.

Apple acknowledges in the Security document that this vulnerability was identified by Stephen Roettger of the Google Security Team.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life.



Made on Mac

For further information, e-mail to

information Tag information Tag

Back to eXtensions
Back to Home Page

All content copyright © G. K. Rogers 2014