OS X Yosemite v10.10.2 Now Available for Download

OS X Yosemite v10.10.2 Now Available for Download

Alongside iOS 8.1.3 that brings enhancements and fixes to iOS devices,Apple also released OS X Yosemite v10.10.2 for Macs on Tuesday.

OS X Yosemite v10.10.2 brings fix for an issue that might cause Wi-Fi to disconnect, while resolving another issue that might cause Web pages to load slowly. The update also claims to fix an issue that could cause Spotlight to load remote email content when this preference is disabled in Mail, a problem that had raised some privacy concerns recently. The update also brings other fixes and enhancements detailed below.

You can install the update by going to the Updates tab of the Mac App Store. We recommend backing up your Mac using Time Machine or any other application before installing any system update.

Here are the release notes of the OS X Yosemite v10.10.2 update in full:

This update includes the following improvements:
1.Resolves an issue that might cause Wi-Fi to disconnect

2.Resolves an issue that might cause web pages to load slowly

3.Fixes an issue that could cause Spotlight to load remote email content when this preference is disabled in Mail

4.Improves audio and video sync when using Bluetooth headphones

5.Adds the ability to browse iCloud Drive in Time Machine

6.Improves VoiceOver speech performance

7.Resolves an issue that could cause VoiceOver to echo characters when entering text on a web page

9.Addresses an issue that could cause the input method to switch languages unexpectedly

10.Improves stability and security in Safari.

Security contents

       AFP Server

Available for: OS X Mavericks v10.9.5

Impact: A remote attacker may be able to determine all the network addresses of the system

Description: The AFP file server supported a command which returned all the network addresses of the system. This issue was addressed by removing the addresses from the result.

CVE-ID

CVE-2014-4426 : Craig Young of Tripwire VERT

bashAvailable for: OS X Yosemite v10.10 and v10.10.1
Impact: Multiple vulnerabilities in bash, including one that may allow local attackers to execute arbitrary code
Description: Multiple vulnerabilities existed in bash. These issues were addressed by updating bash to patch level 57.
CVEID
CVE-2014-6277
CVE-2014-7186
CVE-2014-7187

BluetoothAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: An integer signedness error existed in IOBluetoothFamily which allowed manipulation of kernel memory. This issue was addressed through improved bounds checking. This issue does not affect OS X Yosemite systems.
CVEID
CVE-2014-4497
BluetoothAvailable for: OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: An error existed in the Bluetooth driver that allowed a malicious application to control the size of a write to kernel memory. The issue was addressed through additional input validation.
CVE-ID
CVE-2014-8836 : Ian Beer of Google Project Zero

BluetoothAvailable for: OS X Yosemite v10.10 and v10.10.1
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: Multiple security issues existed in the Bluetooth driver, allowing a malicious application to execute arbitrary code with system privilege. The issues were addressed through additional input validation.CVE-ID
CVE-2014-8837 : Roberto Paleari and Aristide Fattori of Emaze Networks