{"id":7205,"date":"2014-12-23T17:54:32","date_gmt":"2014-12-23T22:54:32","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=7205"},"modified":"2014-12-23T17:54:32","modified_gmt":"2014-12-23T22:54:32","slug":"apple-releases-patch-for-critical-ntp-security-flaw-in-os-x","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/23\/apple-releases-patch-for-critical-ntp-security-flaw-in-os-x\/","title":{"rendered":"Apple releases patch for critical NTP security flaw in OS X"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/59230-apple-releases-patch-critical-ntp-security-flaw-os.html\"><img data-recalc-dims=\"1\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/12\/2014-12-23-2.jpg\" alt='' \/><\/a><\/p>\n<p>Apple has released a new security update aimed at fixing a critical issue with the Network Time Protocol (NTP) service on OS X. It is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.1, and can be downloaded via the &#8220;updates&#8221; section of the Mac App Store.<\/p>\n<p>The Cupertino-based company revealed that several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. As for the fix, Apple said that the issues were addressed through improved error checking.<\/p>\n<p>Once you\u2019ve applied the update, you can verify the ntpd version by executing the following command in terminal:<\/p>\n<p>what \/usr\/sbin\/ntpd<\/p>\n<p>Users running Mountain Lion should be able to see ntp-77.1.1 as the updated build, while those running Mavericks and Yosemite should see version 88.1.1 and 92.5.1, respectively.<\/p>\n<p>Multiple security vulnerabilities related to NTP were highlighted by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) last week, saying they affect products using NTP service prior to NTP-4.2.8, and exploits targeting them are publicly available.<\/p>\n<p>The update also comes just over a couple of months after the iPhone maker released an update for OS X Mavericks, Lion, and Mountain Lion to fix the Shellshock bug in the Bash software, which is used in Unix-based systems.<\/p>\n<p>via <a href=\"http:\/\/www.techspot.com\/news\/59230-apple-releases-patch-critical-ntp-security-flaw-os.html\" target=\"_blank\">Apple releases patch for critical NTP security flaw in OS X &#8211; TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple has released a new security update aimed at fixing a critical issue with the Network Time Protocol (NTP) service [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[2,7,9,10],"tags":[84,1177],"class_list":["post-7205","post","type-post","status-publish","format-standard","hentry","category-apple","category-security","category-software","category-technology","tag-apple-2","tag-vulnerabilities"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1Sd","jetpack-related-posts":[{"id":6106,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/30\/13-things-os-x-yosemite-beta-testers-need-to-know\/","url_meta":{"origin":7205,"position":0},"title":"13 things OS X Yosemite beta testers need to know","author":"NCCT","date":"July 30, 2014","format":false,"excerpt":"For the first time since the OS X beta test of 2000, Apple is allowing Mac users to test and provide feedback on a prerelease version of OS X. The first 1 million people to sign up for the beta program through Apple\u2019s Web page\u2014which crashed under heavy traffic on\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8004,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/10\/latest-version-of-os-x-closes-backdoor-like-bug-that-gives-attackers-root\/","url_meta":{"origin":7205,"position":1},"title":"Latest version of OS X closes Backdoor-like bug that gives attackers root","author":"NCCT","date":"April 10, 2015","format":false,"excerpt":"For at least four years, a bug in Apple's OS X gave untrusted users\u2014and possibly remote hackers with only limited control of their target\u2014unfettered \"root\" privileges over Macs. The vulnerability is being called a \"hidden backdoor\" by Emil Kvarnhammar, the security researcher who discovered the bug and privately reported it\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/backdoor-640x425.png?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/backdoor-640x425.png?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/backdoor-640x425.png?resize=525%2C300 1.5x"},"classes":[]},{"id":5757,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/13\/dailytech-apple-reveals-os-x-yosemite-gives-it-a-fresh-coat-of-paint\/","url_meta":{"origin":7205,"position":2},"title":"DailyTech &#8211; Apple Reveals OS X &#8220;Yosemite&#8221;, Gives it a Fresh Coat of Paint","author":"NCCT","date":"June 13, 2014","format":false,"excerpt":"Apple's PC operating system gets an iOS 7-style makeover OS X is Apple\u2019s premiere desktop operating system, and it\u2019s getting a big update with OS X 10.10 \u201cYosemite\u201d. The \u201cflat\u201d user interface that was first introduced with iOS 7 has been deftly transferred to OS X. So for people that\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8023,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/15\/this-week-in-tech-505-my-thumb-got-sweaty\/","url_meta":{"origin":7205,"position":3},"title":"This Week in Tech 505: My Thumb Got Sweaty","author":"NCCT","date":"April 15, 2015","format":false,"excerpt":"Hosts: Leo Laporte, Steve Kovack, Jason Snell, and Ben Thompson \u00a0 Apple Watch pre-orders sell out, the new Apple MacBook and Samsung Galaxy S6 are released, critical security flaw in OS X 10.10.3 gets patched, Twitter is pushing for celebs to stop using Meerkat, Hillary Clinton hires Google executive to\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8157,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/29\/researcher-claims-that-attackers-can-easily-bypass-current-osx-security-tools\/","url_meta":{"origin":7205,"position":4},"title":"Researcher claims that attackers can easily bypass current OSX security tools","author":"NCCT","date":"April 29, 2015","format":false,"excerpt":"Most Mac users feel as though they are impenetrable to viruses and malicious software, but according to one researcher that is not the case. While Apple has its fair share if security measures in place, recent data has surfaced suggesting those tools are \u201ctrivial\u201d for any attacker to bypass. For\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5902,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/09\/so-long-truecrypt-5-alternative-encryption-tools-that-can-lock-down-your-data\/","url_meta":{"origin":7205,"position":5},"title":"So long, TrueCrypt: 5 alternative encryption tools that can lock down your data","author":"NCCT","date":"July 9, 2014","format":false,"excerpt":"Open-source legend TrueCrypt may be gone, but the usefulness of full disk encryption carries on. So what's a crypto fan to do now for their encryption needs? Well, you could continue to use older versions of TrueCrypt if you already have it installed. While the security community was shocked earlier\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=7205"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7205\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=7205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=7205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=7205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}