Apple patches zero-day vulnerabilities in Safari and OS X

The apparently government-sponsored hackery aimed at activist Ahmed Mansoor last week prompted a quick response from Apple, with a patch for iOS arriving the day of the news. Turns out the three (!) zero-day exploits deployed against Mansoor kind of worked against Safari and OS X, as well.

Apple issued a patch today to fix that, but you’ll need Yosemite or El Capitan to receive protection from these exploits. Improved input sanitization (sic) and improved memory handling fix the holes in OS X — and presumably these changes will be baked into Sierra (where, incidentally, the “macOS” naming convention starts as well). Safari gets an update to 9.1.3 and some improved memory handling of its own.

All these pieces of software are working from a shared code base to some extent, so it’s not surprising that they would share vulnerabilities. This should wrap things up, though. Check for updates under the Apple menu to get yourself inoculated against the “Trident” attack.