To update on OS X, go to App Store > Updates and then install the Security Update 2016-001 (for El Capitan) or 2016-005 (for Yosemite). For users on OS X Mavericks, a Safari update is available as well.
Oh and while you’re at it, you should update iOS as well. (Just go to Settings > General > Software Update on your device, and follow the instructions.) The urgent OS X patch comes a week after Lookout Security and Citizen Lab discovered a nasty strain of spyware that could hijack an iPhone with a simple text message. Lookout Security’s Mike Murray called it “one of the most sophisticated pieces of cyberespionage software we’ve ever seen.”
The malware was used to target human rights activist Ahmed Mansoor. Mansoor noticed a strange text message on his phone, and rather than clicking the link, he turned his phone over to experts. It’s a good thing he did. That malware could have been used to read text messages, emails, and track calls and contacts.
Because OS X and iOS share a lot of the same code, it makes sense that a vulnerability in iOS would also exist in OS X. It isn’t clear exactly how the exploit would be used on OS X—on iOS users would be hit with a rogue SMS message—but don’t take any chances. Update! And