Published November 05, 2015
If you’re a Mac user you might have noticed something unusual this morning; a pop-up saying “Security Update Installed.” What’s odd about the message is the fact users don’t have to take any action to make it appear. It’s an automatic, mandatory security fix, the first ever pushed by Apple.
The threat which made the fix necessary is a flaw in Network Time Protocol (NTP), a service used to keep a Mac’s system clock synchronized. A buffer overflow exploit became public knowledge last week, and a properly constructed attack using the flaw could remotely execute code on a target system.
Google originally discovered the problem, and it was highlighted by a U.S. Government security notification on December the 19th. Why was Google trying to find flaws in Apple’s code? Actually, NTP doesn’t belong to Apple at all. It’s a open-source protocol that’s available to a wide variety of computers, servers and other networked devices. Few security flaws have appeared in the protocol over the years, but any discovered automatically becomes severe because of NTP’s widespread use.
While there isn’t a current, known threat that’s taking advantage of this flaw to target OS X, the severity and ubiquity of the flaw means everyone should update as soon as possible. If you didn’t see the “Security Update Installed” message on your Mac this morning open the Mac App Store and check the Updates section. You should see “OS X NTP Security Update” listed as installed or ready to install.