The latest update to Apple's OS X El Capitan operating system may not be heavy on new features, but it does contain some security fixes that should make most enterprise IT departments happy.

The latest security update, released yesterday, contains patches for nearly 70 different vulnerabilities, many of which could allow attackers to remotely execute code within an enterprise environment. OS X 10.11.5 is the fifth update since Apple released El Capitan last year.

Enterprise Fixes

In addition to vulnerabilities that could grant an attacker arbitrary code execution with either kernel or root privileges, others could enable applications to leak sensitive user information. And some vulnerabilities could give an attacker with physical access to a machine the ability to reset an expired password from the lock screen.

“The OS X El Capitan v10.11.5 Update improves the stability, compatibility, and security of your Mac, and is recommended for all users,” the company wrote in an announcement on its Web site. But despite the recommendation that all users upgrade their systems, the upgrade is squarely aimed at enterprise users.

In particular, the latest update fixes an issue where applying a configuration profile to set allowSpotlightInternetResults to False would cause Spotlight to use large amounts of CPU time. Another enterprise problem that was addressed concerns an issue where applying a configuration profile to set ShutDownDisabledWhileLoggedIn to True would have no effect. It also fixes a problem in which only a single NetBoot image would appear in the Startup Disk pane of System Preferences, even if multiple NetBoot images were configured on the server.

Leaking Sensitive User Information

Among the more serious security vulnerabilities the update addresses are multiple bugs in PHP versions prior to 5.5.34, which together account for seven different CVE IDs. A custom URL scheme handling issue in Captive Network Assistant, meanwhile, could allow an attacker in a privileged network position to execute code on the target machine.

Other major problems included vulnerabilities in CFNetwork Proxies when handling HTTP and HTTPS requests that could leak potentially sensitive user information. A problem in the Common Crypto application, meanwhile, had a similar effect, allowing a malicious application to leak information. MapKit had a similar vulnerability stemming from shared links being sent with HTTP rather than HTTPS.

Yesterday's update is likely to be the last the operating system receives before Apple’s Worldwide Developer Conference next month, where the tech giant is expected to introduce the next major version of the OS. The timing of the security upgrade is likely the reason the company has decided to hold off on adding any new features until the new version comes out.
