Apple today released Security Update 2015–003 1.0 for users who are running the current publicly available version of Yosemite, OS X 10.10.2. The update includes fixes for iCloud Keychain and an issue that could allow malicious applications to execute code.

securityupdate003
- Security Update 2015-003 Yosemite
- Security Update 2015-003 Yosemite (Early 2015 Mac)

Apple recommends that all users download the update, which can be acquired through the Software Update tool in the Mac App Store, or through the links below. According to Apple, the update "improves the security of OS X." There are two different versions available, one for early 2015 Macs and one for earlier Macs.

iCloud Keychain
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able
to execute arbitrary code
Description: Multiple buffer overflows existed in the handling of
data during iCloud Keychain recovery. These issues were addressed
through improved bounds checking.
CVE-ID
CVE-2015-1065 : Andrey Belenko of NowSecure

IOSurface
Available for: OS X Yosemite v10.10.2
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A type confusion issue existed in IOSurface's handling
of serialized objects. The issue was addressed through additional
type checking.
CVE-ID
CVE-2015-1061 : Ian Beer of Google Project Zero

Today's security update comes 10 days after Apple issued Security Update 2015–002 designed to fix the “FREAK” security flaw that left many devices vulnerable to hacking attempts.

Top Rated Comments

DualShock Avatar
128 months ago
Seems to me there are no Graphics extensions updated.

The nvidia drivers look for a specific compatible OS build number.

Maybe not but this is inside the Security Update:

Edit: System version of this update is 14C1514

Hmm, one of the dylib's has "coretls" in the name, could be related to the OpenSSL security flaws announced recently?

http://www.openssl.org/news/secadv_20150319.txt
Score: 1 Votes (Like | Disagree)
justperry Avatar
128 months ago
For the love of god this better not break the mac pro nvdia drivers.

Seems to me there are no Graphics extensions updated.
Score: 1 Votes (Like | Disagree)
007 Junior Avatar
128 months ago
Does anyone know if this update is already integrated in the 10.10.3 Public Beta?
Score: 1 Votes (Like | Disagree)

Popular Stories

Generic iOS 18

iOS 18.3 Coming Soon: Here's What's New

Monday January 13, 2025 5:33 am PST by
iOS 18.3 is currently in beta for developers and public beta testers. So far, the upcoming iPhone software update is very minor in scope. Below, we outline what is new in iOS 18.3 so far. The only potential new feature coming to iPhones with iOS 18.3 so far is robot vacuum support in the Home app, but this functionality is not yet live. Apple is laying the groundwork for the feature,...
new magsafe charger

Apple Releases Updated MagSafe Charger Firmware

Tuesday January 14, 2025 11:30 am PST by
Apple today released new firmware designed for the 25W MagSafe Charger that is compatible with the iPhone 12 and later and the latest AirPods and Apple Watch models. The updated firmware is version 2A143, up from the 2A138 firmware that the accessory shipped with. In the Settings app, you'll see a different version number than the internal firmware number. The 2024 MagSafe charger was...
iPhone 17 Slim Feature Single Camera 1 Redux

'iPhone 17 Air' Launching Later This Year With These 10 New Features

Wednesday January 15, 2025 7:16 am PST by
While the so-called "iPhone 17 Air" is not expected to launch until September, there are already plenty of rumors about the "ultra-thin" device. Overall, the "iPhone 17 Air" is shaping up to be a mixed bag. Due to its thinness, the device is expected to have some limited specifications compared to the iPhone 17 Pro models, including only a single rear camera, only a single speaker, no SIM...
iPhone 17 Pro Dual Tone Feature 1

iPhone 17 Pro Launching Later This Year With These 8 New Features

Thursday January 9, 2025 5:45 am PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025: More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
HomePod mini and Apple TV

HomePod Mini 2 and New Apple TV Launch Timeframe Narrowed Down

Sunday January 12, 2025 4:11 pm PST by
Bloomberg's Mark Gurman recently reported that Apple plans to release new HomePod mini and Apple TV models this year, and now he has provided a more precise timeframe. In his Power On newsletter today, Gurman said Apple is currently aiming to launch the new HomePod mini and Apple TV models "toward the end of the year." That timeframe suggests the devices will be released at some point...
severance new york promo 1

Apple Promotes Severance Season 2 Premiere With Lumon Industries Pop-Up and Visits From Actors

Tuesday January 14, 2025 3:47 pm PST by
Ahead of the season two premiere of hit TV show Severance, Apple is marketing the show with a fun Severance pop-up at the Grand Central Terminal in New York City. Apple has assembled a glass cube with workstations that are identical to the setups that Lumon employees use on the show, complete with employees "working," doing yoga, playing catch, throwing paper airplanes, sipping coffee, and...
airpods pro 2 gradient

AirPods Pro 3 Expected This Year: Here's What We Know

Wednesday January 8, 2025 7:05 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
General Apps Messages Redux

Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security

Monday January 13, 2025 6:11 am PST by
A new social engineering tactic is being used by cybercriminals to trick iPhone users into disabling iMessage's built-in phishing protection, in a bid to expose them to malicious links and scams, according to BleepingComputer. The scam exploits a security feature in iMessage that automatically disables links from unknown senders. Apple told the outlet that when users reply to these messages...