WHAT HAPPENED?

Apple released 3 Security Updates to address the Bash (Shell Shock) and SSL 3.0 (Poodle) vulnerabilities.

Advanced Users: For a complete description of the security enhancement and affected software refer to Apple’s:

• About Security Update 2014-005 (Shell Shock and Poodle) at https://support.apple.com/kb/HT6495
• About the Security Content of OS X Server v3.2.2 (Poodle) at https://support.apple.com/kb/HT6527
• About the Security Content of OS X Server v2.2.5 (Poodle) at https://support.apple.com/kb/HT6529

AFFECTED SYSTEMS:

• Mac OS X Mountain Lion v10.8.5
• OS X Mavericks v10.9.5

WHAT'S THE PROBLEM?

Out of date software could allow a hacker to take control of your computer or expose sensitive data.


HOW DO I PROTECT MY COMPUTER?

Update your software

1. If IT Field Services or you have other IT support, no action on your part is required.
2. If you do not have IT support, updates for:

• Security Update 2014-005 may be obtained from the Mac App Store or Apple's Software Downloads web site at http://www.apple.com/support/downloads/
• Updates for OS X Server v2.2.5 and OS X Server v3.2.2 may be obtained from the Mac App Store

At this time, IT is recommending against upgrading to Yosemite until IT is able to fully test compatibility and confirm vendor support with standard supported software.

RELATED LINKS

• About Security Update 2014-005 (Shell Shock and Poodle) at https://support.apple.com/kb/HT6495
• About the Security Content of OS X Server v3.2.2 (Poodle) at https://support.apple.com/kb/HT6527
• About the Security Content of OS X Server v2.2.5 (Poodle) at https://support.apple.com/kb/HT6529
• IT Security at http://it.ucsf.edu/security