Eduardo Bonsi

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10 **Description** The issue concerns the MCX Desktop Config Profiles implementation, which retains web-proxy settings from uninstalled mobile-configuration profiles. This allows remote attackers to obtain sensitive information by leveraging access to an unintended proxy server in certain circumstances. **Recommendations** For Apple OS X versions prior to 10.10, update to version 10.10 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10 **Description** The issue concerns the NetFS Client Framework, which fails to ensure that the disabling of File Sharing is always possible. This allows remote attackers to read or write to files by leveraging a state in which File Sharing is permanently enabled. **Recommendations** For Apple OS X versions prior to 10.10, update to version 10.10 or later to resolve the issue.