Help

How to force SUS updates + safari vulnerability question

jche
New Contributor

Posted on ‎10-08-2015 03:52 PM

Hello All,

I am sure most of you have dealt with this already - how have you handled the safari vulnerability?
https://support.apple.com/en-us/HT205033
some sites say it can give you access to root/admin without the need for credentials

understandably, my company is a touch fearful.

I have 70+ people on my network that have one of those versions of safari.
How can I force a safari update if they are all touching our SUS server?
Is an OS update the choice?
Ideally an automated process would be used as people are unable/unwilling to do the self install of an OS.

We can also ask that they check their App Store for updates but the issue there also is that the machines are registered to an admin @apple.com account with admin credentials.

What would you guys suggest?

thanks!

0 Kudos
2 REPLIES 2

stevevalle
Contributor III

Posted on ‎10-08-2015 07:56 PM

Software updates can be run remotely using terminal commands. For example:

softwareupdate --list

will give an output of all updates available on the computer. My output from this command is:

Finding available software
Software Update found the following new or updated software:
   * iTunesX-12.3
    iTunes (12.3), 238528K [recommended]
   * OSXUpd10.10.5-10.10.5
    OS X Update (10.10.5), 795798K [recommended] [restart]

I can install this update two ways.

softwareupdate --install --all

which will install both OS X and iTunes, or

softwareupdate --install iTunesX-12.3

to install iTunes only. Running this command gives me:

Software Update Tool
Copyright 2002-2012 Apple Inc.

Finding available software

Downloading iTunes
Downloaded iTunes
Installing iTunes
Done with iTunes
Done.

You can do this with a policy. Files and Processes > Execute command.

Assign to all users on a recurring Check-in Trigger.

Hope this helps!

0 Kudos

jche
New Contributor

Posted on ‎11-17-2015 03:05 PM

thanks for the response, i didnt know this!

problem is right now im on el capitan 10.11 and i cant install the update for 10.11.1 via appstore along with the itunes and such.

i ran the command and the 1.9GB update ran surprisingly quick, like 15 seconds or less.
i reboot and its still itunes 12.2.2 and OS 10.11

0 Kudos