APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002

2015-10-25T00:00:00
ID SECURITYVULNS:DOC:32568
Type securityvulns
Reporter Securityvulns
Modified 2015-10-25T00:00:00

Description

APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002

Mac EFI Security Update 2015-002 is now available and addresses the following:

EFI Available for: OS X Mavericks v10.9.5 Impact: An attacker can exercise unused EFI functions Description: An issue existed with EFI argument handling. This was addressed by removing the affected functions. CVE-ID CVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT

Installation note:

Mac EFI Security Update 2015-002 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/