OS X Yosemite (/ j oʊ ˈ s ɛ m ɪ t iː / yoh-SEM-it-ee) (version 10.10) is the eleventh major release of OS X (now named macOS), Apple Inc.' S desktop and server operating system for Macintosh computers. OS X Yosemite was announced and released to developers on June 2, 2014, at WWDC 2014 and released to public beta testers on July 24, 2014. Yosemite was released to consumers on October 16. Aug 11, 2014 MacRumors attracts a broad audience of both consumers and professionals interested in the latest technologies and products. We also boast an active community focused on purchasing decisions and technical aspects of the iPhone, iPod, iPad, and Mac platforms.
Contents
- 7.1 Mac OS X El Capitan VS Yosemite
There are several similarities and differences between the current Mac OS- Yosemite and the newly released Mac OS X El Capitan. Fortunately for users, Yosemite can be upgraded to the new El Capitan for free, or users can easily partition Mac to install both El Capitan and Yosemite. Thus you can switch from one to another.
Comparison: Mac OS X El Capitan VS Yosemite
VS | Mac OS X 10.10 Yosemite | |
|---|---|---|
| Apps can load twice faster, while Internet connectivity speeds have also been increased greatly. Opening of PDF files and Word documents are also faster than ever. One advantage El Capitan has over Yosemite is the new Mission control feature that displays apps at the bar on top of your screen- this helps you stay more organized than the Thumbnail feature of Yosemite. | Advantages | The menu bar at the top of the screen is opaque, and the Messages sidebar is translucent. Though some may see more minimalist aesthetics in the increased use of transparency but this serves no useful purpose. |
| You can only install software that has been approved by Apple on the new Mac OS X El Capitan. | Disadvantage | One of the disadvantages of using Yosemite are the lags and slowdowns of apps, likewise the stuttering animations as well as slow Internet connectivity have also been reported. |
| El Capitan also comes with a full screen tweaks and mission control features. The mission control displays the names of existing apps at the top of the screen page, and this has replaced the thumbnail feature on the Yosemite. | Mission Control | The Thumbnail of Yosemite features a simplified menu bar around Yosemite. Height of many window title bars in Yosemite has been reduced. |
| There is a new Spotlight feature on El Capitan that allows you resize windows and move them anywhere on your desktop screen. El Capitan also provides search results from more sources, thus you will get the exact stuff you search for instead of too many results. | Spotlight | The Spotlight icon is located in the top right of the screen, but when you click on it the window opens in the middle of the screen. When first started using Spotlight in Yosemite, it is quite slow. |
| With the new Swipe gesture and improved full screen support, you can now optimize the way you read or manage your mails better on Mac OS X El Capitan – you can use this feature as a quick correspondence handler, and also manage your contacts and calendar much better from your inbox. With one swipe, you can mark an email as read or unread. | Mail in Yosemite doesn't appear to have changed much from Mail in Mavericks, apart from a few slight interface changes. | |
| Mac OS X El Capitan comes with third party editing tools that allows you personalize your photos, by adding more details. The photo app on El Capitan is one of the best you can find on any operating system. The multiple editing extensions on the Photo apps found on El Capitan can allow you add subtle filters and beautiful textures that will make your photos extraordinary. | Photo | Users can transfer images from iPhone to Mac by AirDrop. |
| The new Safari on Mac OS X El Capitan is the perfect browser tool for your Mac device. The New Safari allows you to Pin your favorite websites, thus you can keep them opened, likewise you can mute audios without checking the tab from which the sound is coming from. | Safari | In Safari these menu bars buttons appear on the same level as the address/search bar. Merging the toolbar and title bar will bring help to users. However, this mean that the title of a page in Safari and the name of the document in your word processor will be invisible. |
| The enhanced Maps available on Mac OS X El Capitan provides maximum public transit information you can ever ask for, thus you will never miss your way even in a big city. You will have access to in-built public transport maps, directions and schedules. With El Capitan, you can easily plan your route with just few clicks. | Maps | When you search for a location, a Map of said location including the tools to find directions will appear. |
| One of the things that has made Mac OS X El Capitan more secured is the fact that the use of third party software is restricted, thus you may cope with much fewer bugs, or other threats to your Mac device. The double-coding system and several other password encryption recognition security features on El Capitan also make it more secured than Yosemite. | Security | Yosemite allows more third party software, though it is not lacking the basic Apple security features. the fact that you will need Apple login details and password to access your Mac makes it difficult for someone to break in, likewise Apple provides an iCloud security for all files stored in its cloud system. |
| When it comes to prices, the final price of Mac OS X El Capitan is still being speculated but many believe much difference should not exist between it and Yosemite. For now the upgrade of Yosemite to Mac OS X El Capitan is free and users who want to upgrade to the premium El Capitan will have to pay an amount that is expected not to be more than $60 a year. | Price | The Yosemite costs less than $50 a year while the premium costs more. |
| There is no doubt about the fact that performance in Mac OS X El Capitan is much more better than Yosemite. Launching apps on El Capitan is more than twice faster, likewise switching between apps on the new El Capitan is more than 1.5 times faster than Yosemite. The disk cache optimization included in the new El Capitan. The new user interface on Mac OS X El Capitan also optimizes the latest IOS 9 which makes it more user-friendly than the Yosemite. | Performance | The performance of Yosemite will largely depend on other factors such as the available hard disk space as well as the RAM. You will need a minimum hard disk space of about 2G to download and install the new Mac OS X El Capitan, however, the Yosemite requires much less disk space and RAM size. |
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see Apple Security Updates.
OS X Yosemite v10.10
802.1X
Impact: An attacker can obtain WiFi credentials
Description: An attacker could have impersonated a WiFi access point, offered to authenticate with LEAP, broken the MS-CHAPv1 hash, and used the derived credentials to authenticate to the intended access point even if that access point supported stronger authentication methods. This issue was addressed by disabling LEAP by default.
CVE-ID
CVE-2014-4364 : Pieter Robyns, Bram Bonne, Peter Quax, and Wim Lamotte of Universiteit Hasselt
AFP File Server
Impact: A remote attacker could determine all the network addresses of the system
Description: The AFP file server supported a command which returned all the network addresses of the system. This issue was addressed by removing the addresses from the result.
CVE-ID
CVE-2014-4426 : Craig Young of Tripwire VERT
apache
Impact: Multiple vulnerabilities in Apache
Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to a denial of service. These issues were addressed by updating Apache to version 2.4.9.
CVE-ID
CVE-2013-6438
CVE-2014-0098
App Sandbox
Impact: An application confined by sandbox restrictions may misuse the accessibility API
Description: A sandboxed application could misuse the accessibility API without the user's knowledge. This has been addressed by requiring administrator approval to use the accessibility API on an per-application basis.
CVE-ID
CVE-2014-4427 : Paul S. Ziegler of Reflare UG
Bash
Impact: In certain configurations, a remote attacker may be able to execute arbitrary shell commands
Description: An issue existed in Bash's parsing of environment variables. This issue was addressed through improved environment variable parsing by better detecting the end of the function statement.
This update also incorporated the suggested CVE-2014-7169 change, which resets the parser state.
In addition, this update added a new namespace for exported functions by creating a function decorator to prevent unintended header passthrough to Bash. The names of all environment variables that introduce function definitions are required to have a prefix '__BASH_FUNC<' and suffix '>()' to prevent unintended function passing via HTTP headers.
CVE-ID
CVE-2014-6271 : Stephane Chazelas
CVE-2014-7169 : Tavis Ormandy
Bluetooth
Impact: A malicious Bluetooth input device may bypass pairing
Description: Unencrypted connections were permitted from Human Interface Device-class Bluetooth Low Energy devices. If a Mac had paired with such a device, an attacker could spoof the legitimate device to establish a connection. The issue was addressed by denying unencrypted HID connections.
CVE-ID
CVE-2014-4428 : Mike Ryan of iSEC Partners
CFPreferences
Impact: The 'require password after sleep or screen saver begins' preference may not be respected until after a reboot
Description: A session management issue existed in the handling of system preference settings. This issue was addressed through improved session tracking.
CVE-ID
CVE-2014-4425
Certificate Trust Policy
Impact: Update to the certificate trust policy
Description: The certificate trust policy was updated. The complete list of certificates may be viewed at http://support.apple.com/kb/HT6005.
CoreStorage
Impact: An encrypted volume may stay unlocked when ejected
Description: When an encrypted volume was logically ejected while mounted, the volume was unmounted but the keys were retained, so it could have been mounted again without the password. This issue was addressed by erasing the keys on eject.
CVE-ID
CVE-2014-4430 : Benjamin King at See Ben Click Computer Services LLC, Karsten Iwen, Dustin Li (http://dustin.li/), Ken J. Takekoshi, and other anonymous researchers
CUPS
Impact: A local user can execute arbitrary code with system privileges
Description: When the CUPS web interface served files, it would follow symlinks. A local user could create symlinks to arbitrary files and retrieve them through the web interface. This issue was addressed by disallowing symlinks to be served via the CUPS web interface.
CVE-ID
CVE-2014-3537
Dock
Impact: In some circumstances, windows may be visible even when the screen is locked
Description: A state management issue existed in the handling of the screen lock. This issue was addressed through improved state tracking.
CVE-ID
CVE-2014-4431 : Emil Sjölander of Umeå University
fdesetup
Impact: The fdesetup command may provide misleading status for the state of encryption on disk
Description: After updating settings, but before rebooting, the fdesetup command provided misleading status. This issue was addressed through improved status reporting.
CVE-ID
CVE-2014-4432
iCloud Find My Mac
Impact: iCloud Lost mode PIN may be bruteforced
Description: A state persistence issue in rate limiting allowed brute force attacks on iCloud Lost mode PIN. This issue was addressed through improved state persistence across reboots.
CVE-ID
CVE-2014-4435 : knoy
IOAcceleratorFamily
Impact: An application may cause a denial of service
Description: A NULL pointer dereference was present in the IntelAccelerator driver. The issue was addressed through improved error handling.
CVE-ID
CVE-2014-4373 : cunzhang from Adlab of Venustech
IOHIDFamily
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A null pointer dereference existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved validation of IOHIDFamily key-mapping properties.
CVE-ID
CVE-2014-4405 : Ian Beer of Google Project Zero
IOHIDFamily
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A heap buffer overflow existed in IOHIDFamily's handling of key-mapping properties. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4404 : Ian Beer of Google Project Zero
IOHIDFamily
Impact: An application may cause a denial of service
Description: A out-of-bounds memory read was present in the IOHIDFamily driver. The issue was addressed through improved input validation.
CVE-ID
CVE-2014-4436 : cunzhang from Adlab of Venustech
IOHIDFamily
Impact: A user may be able to execute arbitrary code with system privileges
Description: An out-of-bounds write issue exited in the IOHIDFamily driver. The issue was addressed through improved input validation.
CVE-ID
CVE-2014-4380 : cunzhang from Adlab of Venustech
IOKit
Impact: A malicious application may be able to read uninitialized data from kernel memory
Description: An uninitialized memory access issue existed in the handling of IOKit functions. This issue was addressed through improved memory initialization.
CVE-ID
CVE-2014-4407 : @PanguTeam
IOKit
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata.
CVE-ID
CVE-2014-4388 : @PanguTeam
IOKit
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata.
CVE-ID
CVE-2014-4418 : Ian Beer of Google Project Zero
Kernel
Impact: A local user may be able to determine kernel memory layout
Description: Multiple uninitialized memory issues existed in the network statistics interface, which led to the disclosure of kernel memory content. This issue was addressed through additional memory initialization.
CVE-ID
CVE-2014-4371 : Fermin J. Serna of the Google Security Team
CVE-2014-4419 : Fermin J. Serna of the Google Security Team
CVE-2014-4420 : Fermin J. Serna of the Google Security Team
CVE-2014-4421 : Fermin J. Serna of the Google Security Team
Kernel
Impact: A maliciously crafted file system may cause unexpected system shutdown or arbitrary code execution
Description: A heap-based buffer overflow issue existed in the handling of HFS resource forks. A maliciously crafted filesystem may cause an unexpected system shutdown or arbitrary code execution with kernel privileges. The issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4433 : Maksymilian Arciemowicz
Kernel
Impact: A malicious file system may cause unexpected system shutdown
Description: A NULL dereference issue existed in the handling of HFS filenames. A maliciously crafted filesystem may cause an unexpected system shutdown. This issue was addressed by avoiding the NULL dereference.
CVE-ID
CVE-2014-4434 : Maksymilian Arciemowicz
Kernel
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: A double free issue existed in the handling of Mach ports. This issue was addressed through improved validation of Mach ports.
CVE-ID
CVE-2014-4375 : an anonymous researcher
Kernel
Impact: A person with a privileged network position may cause a denial of service
Description: A race condition issue existed in the handling of IPv6 packets. This issue was addressed through improved lock state checking.
CVE-ID
CVE-2011-2391 : Marc Heuse
Kernel
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: An out-of-bounds read issue existed in rt_setgate. This may lead to memory disclosure or memory corruption. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4408
Kernel
Impact: A local user can cause an unexpected system termination
Description: A reachable panic existed in the handling of messages sent to system control sockets. This issue was addressed through additional validation of messages.
CVE-ID
CVE-2014-4442 : Darius Davis of VMware
Kernel
Impact: Some kernel hardening measures may be bypassed
Description: The random number generator used for kernel hardening measures early in the boot process was not cryptographically secure. Some of its output was inferable from user space, allowing bypass of the hardening measures. This issue was addressed by using a cryptographically secure algorithm.
CVE-ID
CVE-2014-4422 : Tarjei Mandt of Azimuth Security
LaunchServices
Impact: A local application may bypass sandbox restrictions
Description: The LaunchServices interface for setting content type handlers allowed sandboxed applications to specify handlers for existing content types. A compromised application could use this to bypass sandbox restrictions. The issue was addressed by restricting sandboxed applications from specifying content type handlers.
CVE-ID
CVE-2014-4437 : Meder Kydyraliev of the Google Security Team
LoginWindow
Impact: Sometimes the screen might not lock
Description: A race condition existed in LoginWindow, which would sometimes prevent the screen from locking. The issue was addressed by changing the order of operations.
CVE-ID
CVE-2014-4438 : Harry Sintonen of nSense, Alessandro Lobina of Helvetia Insurances, Patryk Szlagowski of Funky Monkey Labs
Mail
Impact: Mail may send email to unintended recipients
Description: A user interface inconsistency in Mail application resulted in email being sent to addresses that were removed from the list of recipients. The issue was addressed through improved user interface consistency checks.
CVE-ID
CVE-2014-4439 : Patrick J Power of Melbourne, Australia
Os X Yosemite 10.10 Download For Windows
MCX Desktop Config Profiles
Impact: When mobile configuration profiles were uninstalled, their settings were not removed
Description: Web proxy settings installed by a mobile configuration profile were not removed when the profile was uninstalled. This issue was addressed through improved handling of profile uninstallation.
CVE-ID
CVE-2014-4440 : Kevin Koster of Cloudpath Networks
NetFS Client Framework
Impact: File Sharing may enter a state in which it cannot be disabled
Description: A state management issue existed in the File Sharing framework. This issue was addressed through improved state management.
CVE-ID
CVE-2014-4441 : Eduardo Bonsi of BEARTCOMMUNICATIONS
Os X Yosemite 10.10 Download
QuickTime
Impact: Playing a maliciously crafted m4a file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of audio samples. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-4351 : Karl Smith of NCC Group
Safari
Impact: History of pages recently visited in an open tab may remain after clearing of history
Description: Clearing Safari's history did not clear the back/forward history for open tabs. This issue was addressed by clearing the back/forward history.
CVE-ID
CVE-2013-5150
Safari
Impact: Opting in to push notifications from a maliciously crafted website may cause future Safari Push Notifications to be missed
Description: An uncaught exception issue existed in SafariNotificationAgent's handling of Safari Push Notifications. This issue was addressed through improved handling of Safari Push Notifications.
CVE-ID
CVE-2014-4417 : Marek Isalski of Faelix Limited
Secure Transport
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling CBC cipher suites when TLS connection attempts fail.
CVE-ID
CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team
Security
Impact: A remote attacker may be able to cause a denial of service
Description: A null dereference existed in the handling of ASN.1 data. This issue was addressed through additional validation of ASN.1 data.
CVE-ID
CVE-2014-4443 : Coverity
Security
Impact: A local user might have access to another user's Kerberos tickets
Description: A state management issue existed in SecurityAgent. While Fast User Switching, sometimes a Kerberos ticket for the switched-to user would be placed in the cache for the previous user. This issue was addressed through improved state management.
CVE-ID
CVE-2014-4444 : Gary Simon of Sandia National Laboratories, Ragnar Sundblad of KTH Royal Institute of Technology, Eugene Homyakov of Kaspersky Lab
Os X Yosemite 10.10 Dmg
Security - Code Signing
Impact: Tampered applications may not be prevented from launching
Description: Apps signed on OS X prior to OS X Mavericks 10.9 or apps using custom resource rules, may have been susceptible to tampering that would not have invalidated the signature. On systems set to allow only apps from the Mac App Store and identified developers, a downloaded modified app could have been allowed to run as though it were legitimate. This issue was addressed by ignoring signatures of bundles with resource envelopes that omit resources that may influence execution. OS X Mavericks v10.9.5 and Security Update 2014-004 for OS X Mountain Lion v10.8.5 already contain these changes.
CVE-ID
CVE-2014-4391 : Christopher Hickstein working with HP's Zero Day Initiative
Note: OS X Yosemite includes Safari 8.0, which incorporates the security content of Safari 7.1. For further details see About the security content of Safari 7.1.