Microsoft's security fixes come out every month like clockwork with Update Tuesday. But Apple's updates and security patches are much more sporadic.
So when they are announced, you should pay attention. Apple is calling this a "critical security issue," so Apple users need to listen up.
Apple has issued a warning for "OS X users following the discovery of a vulnerability in the Network Time Protocol which affects the Yosemite, Mavericks and Mountain Lion operating systems."
The bug was actually discovered by a member of the Google Security Team earlier this month, but Apple didn't release a fix until now because the company says that it wants to be sure that the problem is real and complete a full investigation before alarming the public.
The security flaw was a vulnerability in the Network Protocol that allowed hackers to remotely "execute arbitrary code on systems not updated with the fix, and trigger buffer overflows while using OS X Network Time Protocol daemon (NTPD) privileges."
But don't worry, Apple is on the case. Even though it took them a while to even disclose that there was a problem.
"For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available," said Apple on its support page.
The security update is now available for OS X Yosemite v10.10.1, OS X Mountain Lion v10.8.5, and OS X Mavericks v10.9.5. If your Mac is already set to automatically install updates, then the bug has been patched. Otherwise, you need to initiate the update yourself and get this security hole patched, pronto.
To verify that the update has installed, check the NTPD version by going to your Terminal and checking the /usr/sbin/ntpd that is currently running.
They should match the following: Yosemite: ntp-92.5.1, Mountain Lion: ntp-77.1.1, Mavericks: ntp-88.1.1. If not, trigger the update.