Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


   Security Update 2017-001 (Sierra) and Security Update 2017-004 (El
   Capitan)

   Agen G. N. Schmitz

   Apple has released Security Updates 2017-001 macOS Sierra and 2017-004
   OS X v10.11.6 El Capitan, patching security vulnerabilities that the
   company addresses in macOS 10.13.1 High Sierra (see '[1]macOS 10.13.1
   High Sierra Offers Minor Fixes and More Emoji,' 1 November 2017), as
   well as many other security breaches in the two older operating
   systems. The security updates include fixes for the KRACK exploits (see
   '[2]Wi-Fi Security Flaw Not As Bad As It's KRACKed Up To Be,' 17
   October 2017), patch multiple memory corruption issues that could lead
   to arbitrary code execution with kernel privileges, improve input
   sanitization to prevent an application from reading restricted memory,
   address multiple issues in Apache, and more. Apple recommends these
   updates for all users. (Free. For [3]10.12.6 Sierra, 768.3 MB; for
   [4]10.11.6 El Capitan, 853.6 MB; [5]security content release notes)

References

   1. http://tidbits.com/article/17608
   2. http://tidbits.com/article/17572
   3. https://support.apple.com/kb/DL1940
   4. https://support.apple.com/kb/DL1939
   5. https://support.apple.com/en-us/HT208221

.