Apple has released updates to their operating system that address vulnerabilities that may allow an attacker to bypass security restrictions, execute arbitrary code, or allow an attacker with a privileged network position to capture or modify data in sessions protected by SSL/TLS. This means that anything sent across the Internet could be intercepted or changed from the computer. It is highly recommended that users upgrade as soon as possible as this vulnerability is actively being exploited in the wild.
The IT Security Office advises that owners of the software listed below update to the latest version of their installed software.
OIT has defined the following categories to describe the severity of security risks:
URGENT severity represents a broad threat to the entire campus community.
SEVERE severity included remote exploits and worms.
IMPORTANT severity includes virus and local exploits for commonly used services.