Apple has issued its first automatic update to deal with a vulnerability that affects the Network Time Protocol in Mac OS X clock systems.
Apple normally requires users to download updates manually, but has delivered the NTP fix automatically on this occasion because it could be exploited remotely.
The company said that it had made this update automatic owing to the seriousness of the flaw.
The National Institute of Standards and Technology said that the CVE-2014-9295 vulnerability could allow a third-party attacker to launch arbitrary code from a remote location, or trigger a buffer overflow.
The fix is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 and OS X Yosemite v10.10.1.
Ken Westin, a senior security analyst at Tripwire, said that the automatic deployment of security updates can be useful, but can also present some risks.
"Apple's proactive steps to automatically remediate this particular vulnerability shows the need to quickly patch remotely exploitable vulnerabilities," he said.
"However, the use of Apple's automatic deployment tool is not without risks, as even the simplest update can cause problems for some systems.
"If you have a Mac system where an automatic update might introduce a problem, or are the paranoid type, the functionality can be disabled by going to the Apple Menu > App Store and unchecking ‘Install system data files and security updates'."
Westin added that "many other" Linux and Unix distributions were affected by the same vulnerability, and advised system administrators to apply the relevant patches as they arrive.
Dr Kuan Hon criticises GDPR consent emails that will only eviscerate marketing databases and 'media misinformation'
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance