Security Updates For El Capitan

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.

Apple security documents reference vulnerabilities by CVE-ID when possible.

Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite

Released September 1, 2016

Kernel

Sep 01, 2016 The updates are labeled as Security Update 2016-001 10.11.6 for OS X El Capitan and Security Update 2016-005 10.11.5 for OS X Yosemite and are available now from the Mac App Store Updates section. The update size is quite small and should install quickly, but do remember to backup your Mac before installing any system software update. Jan 20, 2016  Apple put out a security and stability update for OS X El Capitan on Tuesday. There are no new features, but quite a few stability and security tweaks. The update, 10.11.3, is recommended for all.

Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6

Impact: An application may be able to disclose kernel memory

Description: A validation issue was addressed through improved input sanitization.

CVE-2016-4655: Citizen Lab and Lookout

Kernel

Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-4656: Citizen Lab and Lookout

Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite include the security content of Safari 9.1.3.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.

Apple security documents reference vulnerabilities by CVE-ID when possible.

Updates

macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan

Released June 1, 2018

Accessibility Framework

Available for: macOS High Sierra 10.13.4

Impact: A malicious application may be able to execute arbitrary code with system privileges

Description: An information disclosure issue existed in Accessibility Framework. This issue was addressed with improved memory management.

CVE-2018-4196: Alex Plaskett, Georgi Geshev and Fabian Beterke of MWR Labs working with Trend Micro’s Zero Day Initiative, and WanderingGlitch of Trend Micro Zero Day Initiative

Entry updated July 19, 2018

AMD

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to read kernel memory

Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.

A copy of the tool - Download here (Current version: 4.2.7)- View changelog and download older versions here Known issues: - Unsupported WiFi modules in some systems. Macs that use the Broadcom BCM4321 WiFi module will not have functional WiFi when running Sierra. A fix for this is to open up your machine and install a compatible WiFi card. El capitan patcher tool for unsupported macs 2017. Mar 31, 2020  OS X El Capitan (10.11) on Unsupported Macs macOS Extractor and MacPostFactor are apps that guide you through patching and installing OS X El Capitan (10.11), Yosemite (10.10), Mavericks (10.9), or Mountain Lion (10.8) on your older Mac. Mac Os El Capitan Patcher Tool For Unsupported Macs. Contents. OS X 10.11 El Capitan, released on September 30, 2015, is the next iteration of OS X, building on the features and design changes introduced with OS X Yosemite.

CVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team

AMD

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to read kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2018-4256: shrek_wzw of Qihoo 360 Nirvan Team

Entry added July 19, 2018

AMD

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to read kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2018-4255: shrek_wzw of Qihoo 360 Nirvan Team

Entry added October 18, 2018, updated December 14, 2018

AMD

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: An input validation issue existed in the kernel. This issue was addressed with improved input validation.

CVE-2018-4254: an anonymous researcher

Entry added October 18, 2018

AMD

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: An input validation issue existed in the kernel. This issue was addressed with improved input validation.

CVE-2018-4254: shrek_wzw of Qihoo 360 Nirvan Team

Entry added October 24, 2018

AppleGraphicsControl

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2018-4258: shrek_wzw of Qihoo 360 Nirvan Team

Entry added October 18, 2018

AppleGraphicsPowerManagement

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A buffer overflow was addressed with improved size validation.

CVE-2018-4257: shrek_wzw of Qihoo 360 Nirvan Team

Entry added October 18, 2018

apache_mod_php

Available for: macOS High Sierra 10.13.4

Impact: Issues in php were addressed in this update

Description: This issue was addressed by updating to php version 7.1.16.

CVE-2018-7584: Wei Lei and Liu Yang of Nanyang Technological University

ATS

Available for: macOS High Sierra 10.13.4

Impact: A malicious application may be able to elevate privileges

Description: A type confusion issue was addressed with improved memory handling.

CVE-2018-4219: Mohamed Ghannam (@_simo36)

Bluetooth

Available for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro (Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015), MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016), MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports), MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports), MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports), MacBook (Retina, 12-inch, Early 2016), MacBook (Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017), iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac (Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015), iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and iMac (21.5-inch, 2017)

Black and dark grey windows replace white ones which should be good for photographers and creatives since it allows images and files to stand out more.includes 16 variations of the same majestic sand dune wallpaperssupport Windows 10how to use:to use this theme first you need to installCopy theme files to C:WindowsResourcesThemesOpen Settings Personalization Themes Select the theme.Install to remove the ribbon.you can get iconpack, dock and finderbar from here. New version is here: macOS Mojave Dynamic Theme are about to change the look of your desktopmacOS Mojave Dynamic Theme also brings the long-awaited dark mode to the PC, giving users an inverted color scheme. Macos themes for windows 10.

Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic

Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.

CVE-2018-5383: Lior Neumann and Eli Biham

Entry added July 23, 2018

Bluetooth

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6

Impact: A malicious application may be able to determine kernel memory layout.

Description: An information disclosure issue existed in device properties. This issue was addressed with improved object management.

CVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team

CoreGraphics

Available for: macOS High Sierra 10.13.4

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2018-4194: Jihui Lu of Tencent KeenLab, Yu Zhou of Ant-financial Light-Year Security Lab

Entry added June 21, 2018

CUPS

Available for: macOS High Sierra 10.13.4

Impact: A local process may modify other processes without entitlement checks

Description: An issue existed in CUPS. This issue was addressed with improved access restrictions.

CVE-2018-4180: Dan Bastone of Gotham Digital Science

Entry added July 11, 2018

CUPS

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to read arbitrary files as root

Description: An issue existed in CUPS. This issue was addressed with improved access restrictions.

CVE-2018-4181: Eric Rafaloff and John Dunlap of Gotham Digital Science

Entry added July 11, 2018

CUPS

Available for: macOS High Sierra 10.13.4

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An access issue was addressed with additional sandbox restrictions on CUPS.

CVE-2018-4182: Dan Bastone of Gotham Digital Science

Entry added July 11, 2018

CUPS

Available for: macOS High Sierra 10.13.4

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An access issue was addressed with additional sandbox restrictions.

CVE-2018-4183: Dan Bastone and Eric Rafaloff of Gotham Digital Science

Entry added July 11, 2018

EFI

Available for: macOS High Sierra 10.13.4

Impact: An attacker with physical access to a device may be able to elevate privileges

Description: A validation issue was addressed with improved logic.

CVE-2018-4478: an anonymous researcher, an anonymous researcher, Ben Erickson of Trusted Computer Consulting, LLC

Entry added February 15, 2019

Firmware

Available for: macOS High Sierra 10.13.4

Impact: A malicious application with root privileges may be able to modify the EFI flash memory region

Description: A device configuration issue was addressed with an updated configuration.

CVE-2018-4251: Maxim Goryachy and Mark Ermolov

FontParser

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4

Impact: Processing a maliciously crafted font file may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved validation.

CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team

Grand Central Dispatch

Available for: macOS High Sierra 10.13.4

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An issue existed in parsing entitlement plists. This issue was addressed with improved input validation.

CVE-2018-4229: Jakob Rieck (@0xdead10cc) of the Security in Distributed Systems Group, University of Hamburg

Graphics Drivers

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4159: Axis and pjf of IceSword Lab of Qihoo 360

Hypervisor

Available for: macOS High Sierra 10.13.4

Security Updates For El Capitan

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team

Run as an administrator in terminal for mac os mojave 10 14 6. Entry added October 30, 2018

iBooks

Available for: macOS High Sierra 10.13.4

Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks

Description: An input validation issue was addressed with improved input validation.

CVE-2018-4202: Jerry Decime

Identity Services

Available for: macOS High Sierra 10.13.4

Impact: A malicious application may be able to access local users AppleIDs

Description: A privacy issue in the handling of Open Directory records was addressed with improved indexing.

CVE-2018-4217: Jacob Greenfield of Commonwealth School

Entry added December 10, 2018

Intel Graphics Driver

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4141: an anonymous researcher, Zhao Qixun (@S0rryMybad) of Qihoo 360 Vulcan Team

IOFireWireAVC

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2018-4228: Benjamin Gnahm (@mitp0sh) of Mentor Graphics

IOGraphics

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

Server address for outlook on mac yosemite. CVE-2018-4236: Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team

IOHIDFamily

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4234: Proteas of Qihoo 360 Nirvan Team

Kernel

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4249: Kevin Backhouse of Semmle Ltd.

Entry updated December 18, 2018

Kernel

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: In some circumstances, some operating systems may not expect or properly handle an Intel architecture debug exception after certain instructions. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes.

CVE-2018-8897: Andy Lutomirski, Nick Peterson (linkedin.com/in/everdox) of Everdox Tech LLC

Kernel

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2018-4241: Ian Beer of Google Project Zero

CVE-2018-4243: Ian Beer of Google Project Zero

libxpc

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to gain elevated privileges

Description: A logic issue was addressed with improved validation.

CVE-2018-4237: Samuel Groß (@5aelo) working with Trend Micro’s Zero Day Initiative

libxpc

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4404: Samuel Groß (@5aelo) working with Trend Micro’s Zero Day Initiative

Entry added October 30, 2018

Mail

Available for: macOS High Sierra 10.13.4

Impact: An attacker may be able to exfiltrate the contents of S/MIME- encrypted e-mail

Description: An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail.

CVE-2018-4227: Damian Poddebniak of Münster University of Applied Sciences, Christian Dresen of Münster University of Applied Sciences, Jens Müller of Ruhr University Bochum, Fabian Ising of Münster University of Applied Sciences, Sebastian Schinzel of Münster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, Jörg Schwenk of Ruhr University Bochum

Update From El Capitan

Messages

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to conduct impersonation attacks

Description: An injection issue was addressed with improved input validation.

CVE-2018-4235: Anurodh Pokharel of Salesforce.com

Messages

Available for: macOS High Sierra 10.13.4

Impact: Processing a maliciously crafted message may lead to a denial of service

Description: This issue was addressed with improved message validation.

CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd

NVIDIA Graphics Drivers

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

Security Updates For El Capitan

CVE-2018-4230: Ian Beer of Google Project Zero

Security

Available for: macOS High Sierra 10.13.4

Impact: Users may be tracked by malicious websites using client certificates

Description: An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates.

CVE-2018-4221: Damian Poddebniak of Münster University of Applied Sciences, Christian Dresen of Münster University of Applied Sciences, Jens Müller of Ruhr University Bochum, Fabian Ising of Münster University of Applied Sciences, Sebastian Schinzel of Münster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, Jörg Schwenk of Ruhr University Bochum

Security

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to read a persistent account identifier

Security Updates For El Capitan 8

Description: An authorization issue was addressed with improved state management.

CVE-2018-4223: Abraham Masri (@cheesecakeufo)

Security

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to read a persistent device identifier

Description: An authorization issue was addressed with improved state management.

CVE-2018-4224: Abraham Masri (@cheesecakeufo)

Security

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to modify the state of the Keychain

Description: An authorization issue was addressed with improved state management.

CVE-2018-4225: Abraham Masri (@cheesecakeufo)

Security

Available for: macOS High Sierra 10.13.4

Impact: A local user may be able to view sensitive user information

Description: An authorization issue was addressed with improved state management.

CVE-2018-4226: Abraham Masri (@cheesecakeufo)

Speech

Available for: macOS High Sierra 10.13.4

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: A sandbox issue existed in the handling of microphone access. This issue was addressed with improved handling of microphone access.

CVE-2018-4184: Jakob Rieck (@0xdead10cc) of the Security in Distributed Systems Group, University of Hamburg

UIKit

Available for: macOS High Sierra 10.13.4

Impact: Processing a maliciously crafted text file may lead to a denial of service

Description: A validation issue existed in the handling of text. This issue was addressed with improved validation of text.

No More Security Updates For El Capitan

CVE-2018-4198: Hunter Byrnes

Windows Server

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4193: Markus Gaasedelen, Amy Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro’s Zero Day Initiative, Richard Zhu (fluorescence) working with Trend Micro’s Zero Day Initiative

Security Updates For El Capitan California

Entry updated October 8, 2019