OS X El Capitan v10.11.3

 

The OS X El Capitan v10.11.3 Update is recommended for all OS X El Capitan users.

El Capitan

The OS X El Capitan v10.11.3 Update improves the stability, compatibility, and security of your Mac, and is recommended for all users.

OS X El Capitan v10.11.3 update : Fixes an issue that may prevent some Mac computers from waking from sleep when connected to certain 4K displays.

Enterprise content : Third-party .pkg file receipts stored in /var/db/receipts are now retained when upgrading from OS X Yosemite.

Security Updates (OS X El Capitan 10.11.3 and Security Update 2016-001) :

AppleGraphicsPowerManagement

  • Available for: OS X El Capitan v10.11 to v10.11.2
  • Impact: A local user may be able to execute arbitrary code with kernel privileges.
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-1716 : moony li of Trend Micro and Liang Chen and Sen Nie of KeenLab, Tencent.

Disk Images

  • Available for: OS X El Capitan v10.11 to v10.11.2.
  • Impact: A local user may be able to execute arbitrary code with kernel privileges.
  • Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.
  • CVE-2016-1717 : Frank Graziano of Yahoo! Pentest Team.

IOAcceleratorFamily

  • Available for: OS X El Capitan v10.11.0 to v10.11.2.
  • Impact: A local user may be able to execute arbitrary code with kernel privileges.
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-1718 : Juwei Lin Trend Micro working with HP’s Zero Day Initiative

IOHIDFamily

  • Available for: OS X El Capitan v10.11 to v10.11.2.
  • Impact: A local user may be able to execute arbitrary code with kernel privileges.
  • Description: A memory corruption issue existed in an IOHIDFamily API. This issue was addressed through improved memory handling.
  • CVE-2016-1719 : Ian Beer of Google Project Zero.

IOKit

  • Available for: OS X El Capitan v10.11 to v10.11.2.
  • Impact: A local user may be able to execute arbitrary code with kernel privileges.
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-1720 : Ian Beer of Google Project Zero.

Kernel

  • Available for: OS X El Capitan v10.11 to v10.11.2.
  • Impact: A local user may be able to execute arbitrary code with kernel privileges.
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-1721 : Ian Beer of Google Project Zero and Ju Zhu of Trend Micro

libxslt

  • Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.2.
  • Impact: Visiting a maliciously crafted website may lead to arbitrary code execution.
  • Description: A type confusion issue existed in libxslt. This issue was addressed through improved memory handling.
  • CVE-2015-7995 : puzzor.

OSA Scripts

  • Available for: OS X El Capitan v10.11 to v10.11.2.
  • Impact: A quarantined application may be able to override OSA script libraries installed by the user.
  • Description: An issue existed when searching for scripting libraries. This issue was addressed through improved search order and quarantine checks.
  • CVE-2016-1729 : an anonymous researcher.

syslog

  • Available for: OS X El Capitan v10.11 to v10.11.2.
  • Impact: A local user may be able to execute arbitrary code with root privileges.
  • Description: A memory corruption issue was addressed through improved memory handling.
  • CVE-2016-1722 : Joshua J. Drake and Nikias Bassen of Zimperium zLabs.