Apple patches 67 bugs in OS El Capitan, refreshes Safari and iTunes

17.05.2016
Apple yesterday updated OS X El Capitan to version 10.11.5, patching nearly 70 vulnerabilities as it began to wind down changes prior to the next iteration launching later this year.

OS X 10.11.5 offered few non-security bug fixes and no new features; in other words, it was a typical late-life refresh of an edition.

Apple on Monday also patched the older OS X Mavericks (from 2013) and OS X Yosemite (2014), and issued updates to both iTunes and the firm's Safari browser.

Of the 67 security flaws fixed in El Capitan, a dozen also applied to Mavericks and 14 to Yosemite, according to Chris Goettl, director of product management at Salt Lake City-based LANDESK, which makes systems and asset management software.

More information on the specific components patched yesterday was available on Apple's website.

Goettl called out a few of the fixes in an email to Computerworld. The one QuickTime vulnerability, now patched, "is interesting in that social engineering could be employed to get a user to click on a video file, such as using a headline of the day that would be enticing to watch, such as 'Funny Quotes from Donald Trump,' and bad things ensue," wrote Goettl.

As it refreshed Safari to version 9.1.1, Apple patched seven vulnerabilities in the browser, the most dangerous of which could be used to hijack a Mac whose user had steered to a malicious website. Safari 9.1.1 is the latest edition for El Capitan, Yosemite and Mavericks.

Safari is also being run through a beta program of its own with the Technology Preview, a first for Apple, which jumped into the early-look game two months ago. Apple delivered the fourth Safari preview last week.

Apple only patches the current version of OS X and the two prior. With its annual release schedule, that means Apple supports an operating system edition for approximately three years.

When OS X 10.12 launches -- probably this fall -- Apple will drop the oldest of the supported editions, Mavericks, just as last year it retired 2012's Mountain Lion from all support.

About one in five Macs ran an unsupported version of OS X in April, according to data published two weeks ago by analytics vendor Net Applications.

iTunes 12.4, which patched just one security flaw, sported several UI (user interface) changes that Apple touted as resulting in a simpler design.

For several years, Apple has issued just five updates to each edition of OS X -- the final OS X 10.10.5, for instance, shipped in mid-August 2015, six weeks before the debut of El Capitan But with several months to go before the next version appears, it's almost certain that the Cupertino, Calif. company will deliver at least one more update, perhaps a pair.

Apple traditionally announces the newest version of the Mac's operating system at its June Worldwide Developer Conference (WWDC), quickly offers developers and users preview code, then months later, ships the final.

Some recent signals hint that at WWDC, which is to kick off June 13, Apple will rebrand OS X as MacOS to move its nomenclature to the format of its other operating systems, including iOS, tvOS and watchOS.

The updates to El Capitan, Yosemite, Mavericks, Safari and iTunes can be downloaded from the Mac App Store.

(www.computerworld.com)

Gregg Keizer