Alongside bug fixes and other improvements, Apple has patched a longstanding security flaw which could give users with physical access to a machine root priveledges regardless of assigned permissions. The flaw, indexed as CVE-2015-1130, was reported to Apple in October of 2014, but Apple requested that it be not publicly disclosed until patched due to the "substantial amount of changes" required to fix.
