Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other security updates, see Apple security updates.
iBooks Author 2.4.1
Available for: OS X Yosemite v10.10 or later
Impact: Parsing a maliciously crafted iBooks Author file may lead to disclosure of user information
Description: An XML external entity reference issue existed with iBook Author parsing. This issue was addressed through improved parsing.
CVE-2016-1789 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)