Incident Response, Patch/Configuration Management, TDR, Vulnerability Management

Apple issues Xcode security update


A security update was issued by Apple on Tuesday to address two vulnerabilities in Xcode –  an integrated development environment (IDE) housing a variety of software development tools used in creating apps for Apple devices.

"A heap-based buffer overflow issue existed in the handling of filenames," the advisory stated. The issue was addressed by updating git – a version control system widely used in software development – to version 2.7.4.

Miscreants exploiting the flaws could execute arbitrary code to gain control of an affected system.

The U.S. Cert is advising users and admins to take a look at the company's update for Xcode and update to version 7.3.1 for OS X El Capitan v10.11 and later.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.