Jan Souček

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.4 **Description** A race condition in kext tools allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation. **Recommendations** For Apple OS X versions prior to 10.10.4, update to version 10.10.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.4 Apple OS X versions prior to 10.10.4 **Description** The issue allows remote attackers to trigger a refresh operation and cause a visit to an arbitrary web site via a crafted HTML e-mail message. **Recommendations** For Apple iOS versions prior to 8.4, update to version 8.4 or later. For Apple OS X versions prior to 10.10.4, update to version 10.10.4 or later.