Yosemite 10.11
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.
OS X Yosemite (/ j oʊ ˈ s ɛ m ɪ t i / yoh-SEM-it-ee; version 10.10) is the eleventh major release of macOS, Apple Inc.' S desktop and server operating system for Macintosh computers. OS X Yosemite was announced and released to developers on June 2, 2014, at WWDC 2014 and released to public beta testers on July 24, 2014.
- It's version 10.11, the twelfth edition of OS X. Its name refers to El Capitan, the iconic mountain located in the Yosemite National Park in California and has to do with the range of names chosen by the Cupertino-based company after exhausting all the options of large felines. Now they've turned to singular places in California such as.
- During the upgrade process to Mac OS X 10.10 Yosemite or 10.11 El Capitan, Java may be uninstalled from your system. In order to reinstall and run PDF Studio you will need to install the Java 6 Runtime again.
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other security updates, see Apple security updates.
OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks
Accelerate Framework
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue existed in the Accelerate Framework in multi-threading mode. This issue was addressed through improved accessor element validation and improved object locking.
CVE-ID
CVE-2015-5940 : Apple
apache_mod_php
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Multiple vulnerabilities in PHP
Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45.
CVE-ID
CVE-2015-0235
CVE-2015-0273
CVE-2015-6834
CVE-2015-6835
CVE-2015-6836
CVE-2015-6837
CVE-2015-6838
ATS
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in ATS. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team
Audio
Available for: OS X El Capitan 10.11
Impact: A malicious application may be able to execute arbitrary code
Description: An uninitialized memory issue existed in coreaudiod. This issue was addressed through improved memory initialization.
CVE-ID
CVE-2015-7003 : Mark Brand of Google Project Zero
Audio
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Playing a malicious audio file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of audio files. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5933 : Apple
CVE-2015-5934 : Apple
Bom
Available for: OS X El Capitan 10.11
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
Description: A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata.
CVE-ID
CVE-2015-7006 : Mark Dowd of Azimuth Security
CFNetwork
Available for: OS X El Capitan 10.11
Impact: Visiting a maliciously crafted website may lead to cookies being overwritten
Description: A parsing issue existed when handling cookies with different letter casing. This issue was addressed through improved parsing.
CVE-ID
CVE-2015-7023 : Marvin Scholz and Michael Lutonsky; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Huawei Canada, Nicholas Weaver of International Computer Science Institute and University of California, Berkeley, coordinated via CERT/CC
configd
Available for: OS X El Capitan 10.11
Impact: A malicious application may be able to elevate privileges
Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients.
CVE-ID
CVE-2015-7015 : PanguTeam
Os X Yosemite 10.11 Download
CoreGraphics
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in CoreGraphics. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5925 : Apple
CVE-2015-5926 : Apple
CoreText
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText
Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText
Available for: OS X El Capitan 10.11
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText
Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team
Directory Utility
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: A local user may be able to execute arbitrary code with root privileges
Description: An authentication issue existed during the establishment of new sessions. This issue was addressed through improved authorization checks.
CVE-ID
CVE-2015-6980 : Michael of Westside Community Schools
Disk Images
Available for: OS X El Capitan 10.11
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-6995 : Ian Beer of Google Project Zero
EFI
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: An attacker can exercise unused EFI functions
Description: An issue existed with EFI argument handling. This was addressed by removing the affected functions.
CVE-ID
CVE-2014-4860 : Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT
Entry updated June 30, 2017
File Bookmark
Available for: OS X El Capitan 10.11
Impact: Browsing to a folder with malformed bookmarks may cause unexpected application termination
Description: An input validation issue existed in parsing bookmark metadata. This issue was addressed through improved validation checks.
CVE-ID
CVE-2015-6987 : Luca Todesco (@qwertyoruiop)
FontParser
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-5927 : Apple
CVE-2015-5942
CVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative
CVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team
FontParser
Available for: OS X El Capitan 10.11
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team
CVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team
Grand Central Dispatch
Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11
Impact: Processing a maliciously crafted package may lead to arbitrary code execution
Description: A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-6989 : Apple
Yosemite 10.11 Update
Graphics Drivers
Available for: OS X El Capitan 10.11
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Description: Multiple out of bounds read issues existed in the NVIDIA graphics driver. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-7019 : Ian Beer of Google Project Zero
CVE-2015-7020 : Moony Li of Trend Micro
Graphics Drivers
Available for: OS X El Capitan 10.11
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-7021 : Moony Li of Trend Micro
ImageIO
Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5
Impact: Processing a maliciously crafted image file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.
CVE-ID
CVE-2015-5935 : Apple
CVE-2015-5938 : Apple
ImageIO
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Processing a maliciously crafted image file may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation.
CVE-ID
CVE-2015-5936 : Apple
CVE-2015-5937 : Apple
CVE-2015-5939 : Apple
IOAcceleratorFamily
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-6996 : Ian Beer of Google Project Zero
Yosemite 10.11
IOHIDFamily
Available for: OS X El Capitan 10.11
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-6974 : Luca Todesco (@qwertyoruiop)
Kernel
Available for: OS X Yosemite v10.10.5
Impact: A local user may be able to execute arbitrary code with system privileges
Description: A type confusion issue existed in the validation of Mach tasks. This issue was addressed through improved Mach task validation.
CVE-ID
CVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella
Kernel
Available for: OS X El Capitan 10.11
Impact: An attacker with a privileged network position may be able to execute arbitrary code
Description: An uninitialized memory issue existed in the kernel. This issue was addressed through improved memory initialization.
CVE-ID
CVE-2015-6988 : The Brainy Code Scanner (m00nbsd)
Kernel
Available for: OS X El Capitan 10.11
Impact: A local application may be able to cause a denial of service
Description: An issue existed when reusing virtual memory. This issue was addressed through improved validation.
CVE-ID
CVE-2015-6994 : Mark Mentovai of Google Inc.
libarchive
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: A malicious application may be able to overwrite arbitrary files
Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.
CVE-ID
CVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer
MCX Application Restrictions
Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11
Impact: A developer-signed executable may acquire restricted entitlements
Description: An entitlement validation issue existed in Managed Configuration. A developer-signed app could bypass restrictions on use of restricted entitlements and elevate privileges. This issue was addressed through improved provisioning profile validation.
CVE-ID
CVE-2015-7016 : Apple
mDNSResponder
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in DNS data parsing. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-7987 : Alexandre Helie
mDNSResponder
Available for: OS X El Capitan v10.11
Impact: A local application may be able to cause a denial of service
Description: A null pointer dereference issue was addressed through improved memory handling.
CVE-ID
CVE-2015-7988 : Alexandre Helie
Net-SNMP
Available for: OS X El Capitan 10.11
Impact: An attacker in a privileged network position may be able to cause a denial of service
Description: Multiple issues existed in netsnmp version 5.6. These issues were addressed by using patches affecting OS X from upstream.
CVE-ID
CVE-2012-6151
CVE-2014-3565
OpenGL
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue existed in OpenGL. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5924 : Apple
OpenSSH
Available for: OS X El Capitan 10.11
Impact: A local user may be able to conduct impersonation attacks
Description: A privilege separation issue existed in PAM support. This issue was addressed with improved authorization checks.
CVE-ID
CVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH
Sandbox
Available for: OS X El Capitan 10.11
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: An input validation issue existed when handling NVRAM parameters. This issue was addressed through improved validation.
CVE-ID
CVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical Institute, Apple
Script Editor
Available for: OS X El Capitan 10.11
Impact: An attacker may trick a user into running arbitrary AppleScript
Description: In some circumstances, Script Editor did not ask for user confirmation before executing AppleScripts. This issue was addressed by prompting for user confirmation before executing AppleScripts.
CVE-ID
CVE-2015-7007 : Joe Vennix
Security
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11
Impact: An Apple-signed binary could be used to load arbitrary files
Description: Certain Apple-signed executables loaded applications from relative locations. This was addressed through additional checks in Gatekeeper.
CVE-ID
CVE-2015-7024 : Patrick Wardle of Synack
Security
Available for: OS X El Capitan 10.11
Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validation.
CVE-ID
CVE-2015-7059 : David Keeler of Mozilla
CVE-2015-7060 : Tyson Smith of Mozilla
CVE-2015-7061 : Ryan Sleevi of Google
Security
Available for: OS X El Capitan 10.11
Impact: A malicious application may be able to overwrite arbitrary files
Description: A double free issue existed in the handling of AtomicBufferedFile descriptors. This issue was addressed through improved validation of AtomicBufferedFile descriptors.
CVE-ID
CVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey Ulanov from the Chrome Team
SecurityAgent
Available for: OS X El Capitan 10.11
Impact: A malicious application can programmatically control keychain access prompts
Description: A method existed for applications to create synthetic clicks on keychain prompts. This was addressed by disabling synthetic clicks for keychain access windows.
CVE-ID
CVE-2015-5943
OS X El Capitan v10.11.1 includes the security content of Safari 9.0.1.
Security Update 2015-004 and 2015-007 is recommended for all users and improves the security of OS X.
Contents
Yosemite 10.11.6
Update Os X Yosemite 10.11
- 7.1 Mac OS X El Capitan VS Yosemite
There are several similarities and differences between the current Mac OS- Yosemite and the newly released Mac OS X El Capitan. Fortunately for users, Yosemite can be upgraded to the new El Capitan for free, or users can easily partition Mac to install both El Capitan and Yosemite. Thus you can switch from one to another.
Comparison: Mac OS X El Capitan VS Yosemite
VS | Mac OS X 10.10 Yosemite | |
|---|---|---|
| Apps can load twice faster, while Internet connectivity speeds have also been increased greatly. Opening of PDF files and Word documents are also faster than ever. One advantage El Capitan has over Yosemite is the new Mission control feature that displays apps at the bar on top of your screen- this helps you stay more organized than the Thumbnail feature of Yosemite. | Advantages | The menu bar at the top of the screen is opaque, and the Messages sidebar is translucent. Though some may see more minimalist aesthetics in the increased use of transparency but this serves no useful purpose. |
| You can only install software that has been approved by Apple on the new Mac OS X El Capitan. | Disadvantage | One of the disadvantages of using Yosemite are the lags and slowdowns of apps, likewise the stuttering animations as well as slow Internet connectivity have also been reported. |
| El Capitan also comes with a full screen tweaks and mission control features. The mission control displays the names of existing apps at the top of the screen page, and this has replaced the thumbnail feature on the Yosemite. | Mission Control | The Thumbnail of Yosemite features a simplified menu bar around Yosemite. Height of many window title bars in Yosemite has been reduced. |
| There is a new Spotlight feature on El Capitan that allows you resize windows and move them anywhere on your desktop screen. El Capitan also provides search results from more sources, thus you will get the exact stuff you search for instead of too many results. | Spotlight | The Spotlight icon is located in the top right of the screen, but when you click on it the window opens in the middle of the screen. When first started using Spotlight in Yosemite, it is quite slow. |
| With the new Swipe gesture and improved full screen support, you can now optimize the way you read or manage your mails better on Mac OS X El Capitan – you can use this feature as a quick correspondence handler, and also manage your contacts and calendar much better from your inbox. With one swipe, you can mark an email as read or unread. | Mail in Yosemite doesn't appear to have changed much from Mail in Mavericks, apart from a few slight interface changes. | |
| Mac OS X El Capitan comes with third party editing tools that allows you personalize your photos, by adding more details. The photo app on El Capitan is one of the best you can find on any operating system. The multiple editing extensions on the Photo apps found on El Capitan can allow you add subtle filters and beautiful textures that will make your photos extraordinary. | Photo | Users can transfer images from iPhone to Mac by AirDrop. |
| The new Safari on Mac OS X El Capitan is the perfect browser tool for your Mac device. The New Safari allows you to Pin your favorite websites, thus you can keep them opened, likewise you can mute audios without checking the tab from which the sound is coming from. | Safari | In Safari these menu bars buttons appear on the same level as the address/search bar. Merging the toolbar and title bar will bring help to users. However, this mean that the title of a page in Safari and the name of the document in your word processor will be invisible. |
| The enhanced Maps available on Mac OS X El Capitan provides maximum public transit information you can ever ask for, thus you will never miss your way even in a big city. You will have access to in-built public transport maps, directions and schedules. With El Capitan, you can easily plan your route with just few clicks. | Maps | When you search for a location, a Map of said location including the tools to find directions will appear. |
| One of the things that has made Mac OS X El Capitan more secured is the fact that the use of third party software is restricted, thus you may cope with much fewer bugs, or other threats to your Mac device. The double-coding system and several other password encryption recognition security features on El Capitan also make it more secured than Yosemite. | Security | Yosemite allows more third party software, though it is not lacking the basic Apple security features. the fact that you will need Apple login details and password to access your Mac makes it difficult for someone to break in, likewise Apple provides an iCloud security for all files stored in its cloud system. |
| When it comes to prices, the final price of Mac OS X El Capitan is still being speculated but many believe much difference should not exist between it and Yosemite. For now the upgrade of Yosemite to Mac OS X El Capitan is free and users who want to upgrade to the premium El Capitan will have to pay an amount that is expected not to be more than $60 a year. | Price | The Yosemite costs less than $50 a year while the premium costs more. |
| There is no doubt about the fact that performance in Mac OS X El Capitan is much more better than Yosemite. Launching apps on El Capitan is more than twice faster, likewise switching between apps on the new El Capitan is more than 1.5 times faster than Yosemite. The disk cache optimization included in the new El Capitan. The new user interface on Mac OS X El Capitan also optimizes the latest IOS 9 which makes it more user-friendly than the Yosemite. | Performance | The performance of Yosemite will largely depend on other factors such as the available hard disk space as well as the RAM. You will need a minimum hard disk space of about 2G to download and install the new Mac OS X El Capitan, however, the Yosemite requires much less disk space and RAM size. |