clock menu more-arrow no yes

Filed under:

Apple's first ever automatic security update patches critical bug

New, 56 comments

Apple has issued its first ever automatic security update for Mac computers, fixing a security flaw that the company felt was too dangerous to wait for users to patch. "The update is seamless," Apple spokesperson Bill Evans told Reuters. "It doesn’t even require a restart."

the vulnerability was announced by the US Department of Homeland Security

The vulnerability that the update fixes is found in a common software component known as NTP or network time protocol. NTP is used for synchronizing clocks between computer systems and across the global internet, and has previously been exploited by hackers to pull off substantial attacks on other systems. The flaw was identified by Carnegie Mellon University’s Software Engineering Institute and was made public in a security bulletin issued by the Department of Homeland Security last Friday. The vulnerability affects dozens of technology tech companies’ products as well as Apple’s.

Although Apple has had the capability to install software fixes automatically for more than two years it has previously preferred to prompt users to authenticate the updates. (Microsoft has been automatically updating vulnerabilities in its Windows software for years.) At the time of this posting, we've seen one Verge Mac update automatically while three others just listed the update availability in the App Store (a download that requires user intervention).