By Graham K. Rogers

Apple has released an important Security Update for OS X (Mountain Lion, Mavericks, Yosemite) for a vulnerability that could allow a remote attacker to "execute arbitrary code". The description of this on the Apple Support Document HT6601 informs users that "Several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. These issues were addressed through improved error checking."

I found in the App Store (Downloads) that this update had been installed automatically as I allow this in System Preferences > App Store. If this is not permitted, it is strongly recommended (by several sources) that this is downloaded right away: check in the App Store, Downloads section.

Apple acknowledges in the Security document that this vulnerability was identified by Stephen Roettger of the Google Security Team.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life.