Original release date: December 23, 2014
Apple has released security updates for OS X Mountain Lion, Mavericks, and
Yosemite to address multiple vulnerabilities in the Network Time Protocol
daemon. Exploitation of these vulnerabilities may allow a remote attacker to
take control of a vulnerable system.
US-CERT encourages users and administrators to review Apple Security Update
HT6601 (link is external) and Vulnerability Note VU#852879 for additional
information, and apply the necessary updates.
from:US-CERT
http://goo.gl/C8Xm8h