Apple Delivers First-Ever Automated Mac Security Update

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Apple recently pushed out an automated security update to Mac computers for the first time ever, patching several critical security flaws that were recently uncovered in the network time protocol (NTP).

NTP, which is used to synchronize clocks between computer systems, has been leveraged in several recent cyber attacks, including a DDoS attack on CloudFlare in February 2014 that exceeded 400 Gbps, making it the largest such attack ever.

"Unfortunately, the simple UDP-based NTP protocol is prone to amplification attacks because it will reply to a packet with a spoofed source IP address and because at least one of its built in commands will send a long reply to a short request," Cloudflare programmer John Graham-Cumming explained in a blog post. "That makes it ideal as a DDoS tool."

Apple introduced the technology for delivering automated security updates two years ago, but it hadn't been used until this week.

In this case, Apple spokesman Bill Evans told Reuters, the company wanted to protect customers as quickly as possible due to the severity of the vulnerabilities.

"The update is seamless," Evans said. "It doesn't even require a restart."

The flaws were discovered by Google Security Team researchers Neel Mehta and Stephen Roettger, and were detailed in a recent alert from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

The vulnerabilities, which can be exploited remotely and don't require a significant amount of skill to exploit, "could allow an attacker to execute arbitrary code with the privileges of the ntpd process," according to ICS-CERT.

Still, Tripwire senior security analyst Ken Westin told Infosecurity Magazine that automated updates always come with a risk.

"Apple's proactive steps to automatically remediate this particular vulnerability shows the need to quickly patch remotely exploitable vulnerabilities," Westin said. "However, the use of Apple’s automatic deployment tool is not without risks, as even the simplest update can cause problems for some systems."

Westin says users who are concerned about the potential impact of automatic updates should disable them by clicking on the Apple Menu, choosing App Store, and then unchecking "Install system data files and security updates."