Apple has rolled out the fifth update to OS X El Capitan, as well as updates for Safari and iTunes.
Feature-wise, OS X 10.11.5 isn't a major update but it does include several bug fixes relevant to Macs used in an enterprise environment and fixes for 67 security flaws, some of which could allow remote attackers to gain arbitrary code execution.
However, this update is notable as probably being the last feature update for its newest desktop operating system before 10.12's expected release around the summer.
Some of the nastier bugs addressed in the update include one affecting OpenGL, where "processing maliciously-crafted web content may lead to arbitrary code execution". Two other bugs with a similar impact could also be remotely exploited.
Similarly, a memory corruption issue in QuickTime could lead to arbitrary code execution after opening a maliciously-crafted file.
Messages got a fix for an issue that could allow a remote attacker to leak sensitive user information.
Also, Captive Network Assistant, the popup that is meant to assist connecting to a wireless network contained a bug that could allow an attacker with a "privileged network position" to execute arbitrary code with user assistance.
Safari 9.1.1, also released on Monday, contains fixes for seven security flaws affecting the browser. It's available for OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.5.
Most of the bugs affect Safari's WebKit browser engine and may lead to arbitrary code execution by visiting a maliciously-crafted website.
iTunes 12.4 fixes one security issue and introduces a cleaner design, including new navigation buttons and the ability to edit the dropdown menu for different content categories, such as music, TV shows and Movies.