CHINA TOPIX

11/02/2024 03:41:07 pm

Make CT Your Homepage

Apple Fixes NTP Vulnerability without Informing Users

Mac OS X

(Photo : Creative Commons: Flickr)

Just several days ago, it was discovered that the Network Time Protocol (NTP) has security holes that could turn computers into tools for Distributed Denial of Service (DDoS) attacks.

When this news was released to tech giants, Apple decided to quietly roll-out a security update.

Like Us on Facebook

According to Extreme Tech, this move by Apple is the first of its kind -- we're talking silent, automatic and no need for an approval from the device user and owner.

It was achieved using the automatic silent-patching feature of the Apple OS X, something many people aren't aware of. If you're an Apple user, you know all updates rolled-out by the company need to be approved, but this one doesn't.

This means your Mac may just have received the update without you knowing about the update at all.

Apple spokesman Bill Evans said the automatic update was only to fix the vulnerabilities to the NTP that may potentially render them unusable or DDoS tools, said Tech Times have cited.

The vulnerabilities, by the way, were revealed by the Department of Homeland Security on Dec. 19.

The agency worked with the Carnegie Mellon University Software Engineering Institute to have this information released. Researchers from Carnegie Mellon were the ones who stated that Apple, together with dozens of other tech firms, can be affected by this security breach.

It was noted that Google's Security Team members, Stephen Roettger and Neel Mehta, were the first who came across the bug.

Apple has also released a statement saying this is the first time it has ever made use of the automatic update of the OS X.

Real Time Analytics