Apple goes for first silent, automatic security update to Mac OS X for NTP clock bug fix

Apple goes for first silent, automatic security update to Mac OS X for NTP clock bug fix

by Pete Daniel on 28 December 2014 · 2304 views

Apple which has long been believed to be more secure that Windows because of its largely Linux-based code architecture has been hit with the same denial of service attack vulnerability discovered by technicians recently which affects how the NTP process synchronizes the system clock.

The vulnerability is one that could let a hacker access the PC via the NTP system and run it as a zombie machine which is being controlled from outside the system as part of a denial of service coordinated attack.

Instead of issuing a security update that users can download and install themselves, the computer company took the highly unusual step of auto-installing the security patch in a systematic fashion to users of their OS X operating system world-wide. The global update is presently being rolled out globally with users only notified once the update has already been installed.

Automatic Updates Without Permission

It is an interesting tactic for Apple to choose to update OS X systems without verifying the approval first. If only for a common courtesy one would hope that they would have alerted each user and given them the choice whether to ignore or abort the patch download and installation, particularly after the uproar over the automatic addition of the most recently digital U2 album which was added to every iCloud account whether the user wanted it or not. But it appears Apple learns slowly and has decided to take over the computers of every OS X user in order to update it without giving people a “heads-up” first.

Manual Update Still Possible

1 large Apple goes for first silent automatic security update to Mac OS X for NTP clock bug fix

For users who has not already been automatically updated and whom do not wish to wait, it is possible to update Macs running OS X 10.8, 10.9, and 10.10 manually instead.

To install the NTP update manually, visit the Updates tab of the Mac App Store to download the patch yourself.

No Restart Needed

With both the automated and manual update for the NTP vulnerability it is not necessary to restart to Mac for the protection to be activated. It works once installed and the installed has been confirmed with a pop-up window from the OS X software confirming that the patch installed without a problem.

Comments (0)
Featured Articles