Original release date: December 23, 2014

Apple has released security updates for OS X Mountain Lion, Mavericks, and Yosemite to address multiple vulnerabilities in the Network Time Protocol daemon. Exploitation of these vulnerabilities may allow a remote attacker to take control of a vulnerable system.

US-CERT encourages users and administrators to review Apple Security Update HT6601 and Vulnerability Note VU#852879 for additional information, and apply the necessary updates.

Also…

Apple Inc has pushed out its first-ever automated security update to Macintosh computers to help defend against newly identified bugs that security researchers have warned could enable hackers to gain remote control of machines.

The company pushed out the software on Monday to fix critical security vulnerabilities in a component of its OS X operating system called the network time protocol, or NTP, according to Apple spokesman Bill Evans.NTP is used for synchronizing clocks on computer systems.

The bugs were made public in security bulletins on Friday by the Department of Homeland Security and the Carnegie Mellon University Software Engineering Institute. Carnegie Mellon identified dozens of technology companies, including Apple, whose products might be vulnerable.

Read more here…