Apple releases OS X 10.10.5 update

On the security front, OS X 10.10.5 resolves a serious privilege-escalation vulnerability that could result in malicious software installing malware under root permission without the need for the system password.

OS X 10.10.5 has been in beta for quite a while and was rumored to be released very soon, and today marks the day when Apple finally opened its floodgates to the public so they can go ahead and download the latest Yosemite update. One of the major issues faced by the users was the lack of proper segregation of music files. Apple’s advisory states that the potential impact of the dyld issues is that a local user may be able to execute arbitrary code with system privileges, due to a path validation issue. Complete details of the security patches can be found on Apple’s support site. “I did not expect at all being credited for DYLD_PRINT_TO_FILE after dropping it publicly”, Esser wrote in a Twitter message.

The OS X update specifically cites improvements to “stability, compatibility, and security” while also highlighting specific fixes for Mail, Photos, and QuickTime Player apps. Ryan Pentney and Richard Johnson of Cisco’s Talos research group reported five of the QuickTime issues to Apple.

The updates’ appearance Thursday signaled that Apple is just weeks away from introducing their successors, OS X El Capitan and iOS 9. The update is expected to fix quite a few issues with Apple Music like random appearance of album artwork, trouble with tuning into the iTunes Music library, etc. The new update will also allow the artists to comment on the album or songs via connect. “An attacker with a privileged network position may be able to intercept users’ Dictionary app queries”, Apple warned.