- Dec 01, 2009 Reporting: PLEASE HELP.Anti Virus/Firewall, Etc. For MAC OS X 10.5.8 This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET.
- Mar 18, 2015 Some anti-malware software only supports newer versions of OS X. If you're running an older Mac, use this instead. Some folks aren't comfortable upgrading their Macs' operating systems, and continue to use versions that aren't well-supported by new software. Fortunately there's still a solution for Macs running OS X Snow Leopard. Writes: Will the adware removal software you.
- Free Virus Protection For Mac Os X 10.55 Download
- Free Virus Protection For Mac Os X 10.5 10 5 Leopard
- Free Virus Protection For Mac Os X 10.5 10 5 Download
- Free Virus Protection For Mac Os X 10.55 8
Os 10 5 antivirus free download - Apple Safari, AVG AntiVirus Free, Apple Mac OS X Lion 10.7.5 Supplemental Update, and many more programs. Protect your Mac from malware. MacOS has many features that help protect your Mac and your personal information from malicious software, or malware.One common way malware is distributed is by embedding it in a harmless-looking app.
Some folks aren't comfortable upgrading their Macs' operating systems, and continue to use versions that aren't well-supported by new software. Fortunately there's still a solution for Macs running OS X Snow Leopard.
S.C. writes:
Will the adware removal software you've written about work on 10.6?
10.6 (Snow Leopard) is a fantastic version of the Mac operating system that many users are still quite happy with. And if you're happy with it, why upgrade, right?
Well, frankly, I can think of a million reasons to upgrade — Yosemite on a newer Mac and iOS 8 on modern iOS devices is a powerful combination. But I recognize that not everyone is quite as anxious to uproot their Mac's operating system as I am. It's scary! And it's sometimes a one-way trip.
The Mac adware removal software I've written about before includes AdwareMedic, Intego Mac Internet Security X8, and ClamXav. The first two apps require OS X Lion or higher, but ClamXav still works on Snow Leopard, according to its developer.
I'll be perfectly honest: I like AdwareMedic the best of any of these apps. I've had the best luck nuking the adware that's infested my family's and my customers' Macs. But if you're really not comfortable upgrading to something newer than Snow Leopard, ClamXav will work too.
ClamXav is free and safe to use. It can detect Mac-specific malware and malware that affects Windows apps too, so you'll keep your PC-using friends safe.
What's more you can set up ClamXav as either 'passive' or 'active:' You can configure only to scan the files you want to check, or activate 'Sentry' mode to monitor your hard drive every time new files arrive.
We may earn a commission for purchases using our links. Learn more.
Your tea–your wayReview: Free Your Tea Subscription Box is personalized just for your tastes
The Free Your Tea Subscription Box uses a number of methods to get you your perfect blend of teas each month.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other security updates, see Apple security updates.
OS X Yosemite v10.10.5 and Security Update 2015-006
- apacheAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in Apache 2.4.16, the most serious of which may allow a remote attacker to cause a denial of service.Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These were addressed by updating Apache to version 2.4.16.CVE-IDCVE-2014-3581CVE-2014-3583CVE-2014-8109CVE-2015-0228CVE-2015-0253CVE-2015-3183CVE-2015-3185
- apache_mod_phpAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.CVE-IDCVE-2015-2783CVE-2015-2787CVE-2015-3307CVE-2015-3329CVE-2015-3330CVE-2015-4021CVE-2015-4022CVE-2015-4024CVE-2015-4025CVE-2015-4026CVE-2015-4147CVE-2015-4148
- Apple ID OD Plug-inAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able change the password of a local userDescription: In some circumstances, a state management issue existed in password authentication. The issue was addressed through improved state management.CVE-IDCVE-2015-3799 : an anonymous researcher working with HP's Zero Day Initiative
- AppleGraphicsControlAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to determine kernel memory layoutDescription: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking.CVE-IDCVE-2015-5768 : JieTao Yang of KeenTeam
- BluetoothAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3779 : Teddy Reed of Facebook Security
- BluetoothAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to determine kernel memory layoutDescription: A memory management issue could have led to the disclosure of kernel memory layout. This issue was addressed with improved memory management.CVE-IDCVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze Networks
- BluetoothAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious app may be able to access notifications from other iCloud devicesDescription: An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. The issue affected devices using Handoff and logged into the same iCloud account. This issue was resolved by revoking access to the Apple Notification Center Service.CVE-IDCVE-2015-3786 : Xiaolong Bai (Tsinghua University), Luyi Xing (System Security Lab of Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University)
- BluetoothAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: An attacker with privileged network position may be able to perform denial of service attack using malformed Bluetooth packetsDescription: An input validation issue existed in parsing of Bluetooth ACL packets. This issue was addressed through improved input validation.CVE-IDCVE-2015-3787 : moony li of Trend Micro
- BluetoothAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local attacker may be able to cause unexpected application termination or arbitrary code executionDescription: Multiple buffer overflow issues existed in blued's handling of XPC messages. These issues were addressed through improved bounds checking.CVE-IDCVE-2015-3777 : mitp0sh of [PDX]
- bootpAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: An attacker may be able to determine Wi-Fi networks a device has previously accessedDescription: Upon connecting to a Wi-Fi network, MAC addresses of previously accessed networks may have been broadcast. This issue was addressed by broadcasting only MAC addresses associated with the current SSID.CVE-IDCVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)
- CloudKitAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to access the iCloud user record of a previously signed in userDescription: A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling.CVE-IDCVE-2015-3782 : Deepkanwal Plaha of University of Toronto
- CoreMedia PlaybackAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code executionDescription: Memory corruption issues existed in CoreMedia Playback. These were addressed through improved memory handling.CVE-IDCVE-2015-5777 : AppleCVE-2015-5778 : Apple
- CoreTextAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.CVE-IDCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team
- CoreTextAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.CVE-IDCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team
- curlAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.Description: Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.CVE-IDCVE-2014-3613CVE-2014-3620CVE-2014-3707CVE-2014-8150CVE-2014-8151CVE-2015-3143CVE-2015-3144CVE-2015-3145CVE-2015-3148CVE-2015-3153
- Data Detectors EngineAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Processing a sequence of unicode characters can lead to an unexpected application termination or arbitrary code executionDescription: Memory corruption issues existed in processing of Unicode characters. These issues were addressed through improved memory handling.CVE-IDCVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)
- Date & Time pref paneAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Applications that rely on system time may have unexpected behaviorDescription: An authorization issue existed when modifying the system date and time preferences. This issue was addressed with additional authorization checks.CVE-IDCVE-2015-3757 : Mark S C Smith
- Dictionary ApplicationAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: An attacker with a privileged network position may be able to intercept users' Dictionary app queriesDescription: An issue existed in the Dictionary app, which did not properly secure user communications. This issue was addressed by moving Dictionary queries to HTTPS.CVE-IDCVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team
- DiskImagesAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privilegesDescription: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team
- dyldAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A path validation issue existed in dyld. This was addressed through improved environment sanitization.CVE-IDCVE-2015-3760 : beist of grayhash, Stefan Esser
- FontParserAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.CVE-IDCVE-2015-3804 : AppleCVE-2015-5775 : Apple
- FontParserAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.CVE-IDCVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team
- groffAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Multiple issues in pdfroffDescription: Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff.CVE-IDCVE-2009-5044CVE-2009-5078
- ImageIOAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in the processing of TIFF images. This issue was addressed through improved bounds checking.CVE-IDCVE-2015-5758 : Apple
- ImageIOAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Visiting a maliciously crafted website may result in the disclosure of process memoryDescription: An uninitialized memory access issue existed in ImageIO's handling of PNG and TIFF images. Visiting a malicious website may result in sending data from process memory to the website. This issue is addressed through improved memory initialization and additional validation of PNG and TIFF images.CVE-IDCVE-2015-5781 : Michal ZalewskiCVE-2015-5782 : Michal Zalewski
- Install Framework LegacyAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute arbitrary code with root privilegesDescription: An issue existed in how Install.framework's 'runner' binary dropped privileges. This issue was addressed through improved privilege management.CVE-IDCVE-2015-5784 : Ian Beer of Google Project Zero
- Install Framework LegacyAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: A race condition existed in Install.framework's 'runner' binary that resulted in privileges being incorrectly dropped. This issue was addressed through improved object locking.CVE-IDCVE-2015-5754 : Ian Beer of Google Project Zero
- IOFireWireFamilyAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary code with system privilegesDescription: Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation.CVE-IDCVE-2015-3769 : Ilja van SprundelCVE-2015-3771 : Ilja van SprundelCVE-2015-3772 : Ilja van Sprundel
Free Virus Protection For Mac Os X 10.55 Download
- IOGraphicsAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation.CVE-IDCVE-2015-3770 : Ilja van SprundelCVE-2015-5783 : Ilja van Sprundel
- IOHIDFamilyAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling.CVE-IDCVE-2015-5774 : TaiG Jailbreak Team
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to determine kernel memory layoutDescription: An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface.CVE-IDCVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team, @PanguTeam
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments.CVE-IDCVE-2015-3768 : Ilja van Sprundel
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to cause a system denial of serviceDescription: A resource exhaustion issue existed in the fasttrap driver. This was addressed through improved memory handling.CVE-IDCVE-2015-5747 : The Brainy Code Scanner (m00nbsd)
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to cause a system denial of serviceDescription: A validation issue existed in the mounting of HFS volumes. This was addressed by adding additional checks.CVE-IDCVE-2015-5748 : Maxime Villard of m00nbsd
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute unsigned codeDescription: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation.CVE-IDCVE-2015-3806 : TaiG Jailbreak Team
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A specially crafted executable file could allow unsigned, malicious code to executeDescription: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files.CVE-IDCVE-2015-3803 : TaiG Jailbreak Team
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute unsigned codeDescription: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.CVE-IDCVE-2015-3802 : TaiG Jailbreak TeamCVE-2015-3805 : TaiG Jailbreak Team
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privilegesDescription: A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany
- KernelAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A path validation issue existed. This was addressed through improved environment sanitization.CVE-IDCVE-2015-3761 : beist of grayish
- LibcAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code executionDescription: Memory corruption issues existed in the TRE library. These were addressed through improved memory handling.CVE-IDCVE-2015-3796 : Ian Beer of Google Project ZeroCVE-2015-3797 : Ian Beer of Google Project ZeroCVE-2015-3798 : Ian Beer of Google Project Zero
- LibinfoAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionDescription: Memory corruption issues existed in handling AF_INET6 sockets. These were addressed by improved memory handling.CVE-IDCVE-2015-5776 : Apple
- libpthreadAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking.CVE-IDCVE-2015-5757 : Lufeng Li of Qihoo 360
- libxml2Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of serviceDescription: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.CVE-IDCVE-2014-0191 : Felix Groebert of Google
- libxml2Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted XML document may lead to disclosure of user informationDescription: A memory access issue existed in libxml2. This was addressed by improved memory handlingCVE-IDCVE-2014-3660 : Felix Groebert of Google
- libxml2Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted XML document may lead to disclosure of user informationDescription: A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3807 : Apple
- libxpcAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking.CVE-IDCVE-2015-3795 : Mathew Rowley
- mail_cmdsAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary shell commandsDescription: A validation issue existed in the mailx parsing of email addresses. This was addressed by improved sanitization.CVE-IDCVE-2014-7844
- Notification Center OSXAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A malicious application may be able to access all notifications previously displayed to usersDescription: An issue existed in Notification Center, which did not properly delete user notifications. This issue was addressed by correctly deleting notifications dismissed by users.CVE-IDCVE-2015-3764 : Jonathan Zdziarski
- ntfsAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in NTFS. This issue was addressed through improved memory handling.CVE-IDCVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze Networks
- OpenSSHAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Remote attackers may be able to circumvent a time delay for failed login attempts and conduct brute-force attacksDescription: An issue existed when processing keyboard-interactive devices. This issue was addressed through improved authentication request validation.CVE-IDCVE-2015-5600
- OpenSSLAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.CVE-IDCVE-2015-1788CVE-2015-1789CVE-2015-1790CVE-2015-1791CVE-2015-1792
- perlAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted regular expression may lead to disclosure of unexpected application termination or arbitrary code executionDescription: An integer underflow issue existed in the way Perl parsed regular expressions. This issue was addressed through improved memory handling.CVE-IDCVE-2013-7422
- PostgreSQLAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: An attacker may be able to cause unexpected application termination or gain access to data without proper authenticationDescription: Multiple issues existed in PostgreSQL 9.2.4. These issues were addressed by updating PostgreSQL to 9.2.13.CVE-IDCVE-2014-0067CVE-2014-8161CVE-2015-0241CVE-2015-0242CVE-2015-0243CVE-2015-0244
- pythonAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code executionDescription: Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.CVE-IDCVE-2013-7040CVE-2013-7338CVE-2014-1912CVE-2014-7185CVE-2014-9365
- QL OfficeAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted Office document may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in parsing of Office documents. This issue was addressed through improved memory handling.CVE-IDCVE-2015-5773 : Apple
- QL OfficeAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted XML file may lead to disclosure of user informationDescription: An external entity reference issue existed in XML file parsing. This issue was addressed through improved parsing.CVE-IDCVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.
- Quartz Composer FrameworkAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in parsing of QuickTime files. This issue was addressed through improved memory handling.CVE-IDCVE-2015-5771 : Apple
- Quick LookAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Searching for a previously viewed website may launch the web browser and render that websiteDescription: An issue existed where QuickLook had the capability to execute JavaScript. The issue was addressed by disallowing execution of JavaScript.CVE-IDCVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole
- QuickTime 7Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code executionDescription: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.CVE-IDCVE-2015-3779CVE-2015-5753 : AppleCVE-2015-5779 : Apple
- QuickTime 7Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code executionDescription: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.CVE-IDCVE-2015-3765 : Joe Burnett of Audio PoisonCVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco TalosCVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco TalosCVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco TalosCVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco TalosCVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco TalosCVE-2015-5751 : WalkerFuz
- SceneKitAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Viewing a maliciously crafted Collada file may lead to arbitrary code executionDescription: A heap buffer overflow existed in SceneKit's handling of Collada files. This issue was addressed through improved input validation.CVE-IDCVE-2015-5772 : Apple
- SceneKitAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in SceneKit. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3783 : Haris Andrianakis of Google Security Team
- SecurityAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A standard user may be able to gain access to admin privileges without proper authenticationDescription: An issue existed in handling of user authentication. This issue was addressed through improved authentication checks.CVE-IDCVE-2015-3775 : [Eldon Ahrold]Yahoo bill reminder. Bill Reminder Free was written with those problems in mind.
- SMBClientAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in the SMB client. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3773 : Ilja van Sprundel
- Speech UIAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted unicode string with speech alerts enabled may lead to an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in handling of Unicode strings. This issue was addressed by improved memory handling.CVE-IDCVE-2015-3794 : Adam Greenbaum of Refinitive
Free Virus Protection For Mac Os X 10.5 10 5 Leopard
- sudoAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary filesDescription: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.CVE-IDCVE-2013-1775CVE-2013-1776CVE-2013-2776CVE-2013-2777CVE-2014-0106CVE-2014-9680
- tcpdumpAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service.Description: Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3.CVE-IDCVE-2014-8767CVE-2014-8769CVE-2014-9140
Free Virus Protection For Mac Os X 10.5 10 5 Download
- Text FormatsAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Parsing a maliciously crafted text file may lead to disclosure of user informationDescription: An XML external entity reference issue existed with TextEdit parsing. This issue was addressed through improved parsing.CVE-IDCVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team
- udfAvailable for: OS X Yosemite v10.10 to v10.10.4Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privilegesDescription: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.CVE-IDCVE-2015-3767 : beist of grayhash
Free Virus Protection For Mac Os X 10.55 8
OS X Yosemite v10.10.5 includes the security content of Safari 8.0.8.