Posted on 08-07-2015 12:44 AM
Hi All
i am trying to deploy a thunderstrike patch (security update 2015-001 released on Jan 27 2015) via SUS.
but i can't find this update on SUS. anyone know why? i still can find this update on Apple support
https://support.apple.com/kb/DL1788?locale=en_US
any one know why?
The APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001 include in the change log:
CPU Software
Available for: OS X Yosemite v10.10 and v10.10.1,
for: MacBook Pro Retina, MacBook Air (Mid 2013 and later), iMac (Late 2013 and later), Mac Pro (Late 2013)
Impact: A malicious Thunderbolt device may be able to affect firmware flashing
Description: Thunderbolt devices could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates.
CVE-2014-4498 : Trammell Hudson of Two Sigma Investments
Posted on 08-07-2015 04:28 AM
What SUS are you using? Can't find? Do you mean locally on the server or you don't see the update from a machine pointing at your SUS?
If you configure a machine that you think should be able to see this update to Apple's servers instead, do you then see the update?
On my server it's in the following location of the downloads repo:
.../content/downloads/33/63/zzz031-22998
Some updates don't show and are automatic, e.g. Gatekeeper, Xprotect, etc.
https://support.apple.com/en-us/HT204536
I didn't recall this being one of them, but then I have all this turned off and I'm using Reposado.
Posted on 08-07-2015 08:53 AM
Is it possible this fix was rolled into a later OS X patch, like 10.10.4 or such? This was, after all, issued around the time 10.10.2 came out. I don't recall reading anything about that, but Apple has been doing that a lot lately and I wonder if this just got pulled from their SUS since another full OS update out there already contains it.
Posted on 08-07-2015 02:27 PM
I think you're misreading it, Security Update 2015-001 is for OS X 10.9, for OS X 10.10, the update is included within OS X 10.10.2 update, both released on the same day. There was no separate Security Update 2015-001 for OS X 10.10. Security Updates are also cumulative, so it's been superseded by Security Update 2015-003 for OS X 10.9.