Check compatibility
Check compatibility. You can upgrade to OS X El Capitan from OS X Snow Leopard or later on any of the following Mac models. Your Mac also needs at least 2GB of memory and 8.8GB of available storage space. MacBook introduced in 2009 or later, plus MacBook (13-inch, Aluminium, Late 2008) MacBook Air introduced in late 2008 or later. MacBook Pro introduced in mid 2007 or later. This document describes the security content of OS X El Capitan 10.11.2, Security Update 2015-005 Yosemite, and Security Update 2015-008 Mavericks.
You can upgrade to OS X El Capitan from OS X Snow Leopard or later on any of the following Mac models. Your Mac also needs at least 2GB of memory and 8.8GB of available storage space.
MacBook introduced in 2009 or later, plus MacBook (13-inch, Aluminum, Late 2008)
MacBook Air introduced in late 2008 or later
MacBook Pro introduced in mid 2007 or later
Mac mini introduced in early 2009 or later
iMac introduced in mid 2007 or later
Mac Pro introduced in early 2008 or later
Xserve models introduced in early 2009
MacBook Air introduced in late 2008 or later
MacBook Pro introduced in mid 2007 or later
Mac mini introduced in early 2009 or later
iMac introduced in mid 2007 or later
Mac Pro introduced in early 2008 or later
Xserve models introduced in early 2009
To find your Mac model, memory, storage space, and macOS version, choose About This Mac from the Apple menu . If your Mac isn't compatible with OS X El Capitan, the installer will let you know.
Make a backup
Before installing any upgrade, it’s a good idea to back up your Mac. Time Machine makes it simple, and other backup methods are also available. Learn how to back up your Mac.
Get connected
It takes time to download and install OS X, so make sure that you have a reliable Internet connection. If you're using a Mac notebook computer, plug it into AC power.
Download OS X El Capitan
For the strongest security and latest features, find out whether you can upgrade to macOS Catalina, the latest version of macOS.
If you still need OS X El Capitan, use this link: Download OS X El Capitan. A file named InstallMacOSX.dmg will download to your Mac.
Install the macOS installer
Double-click the downloaded file to open a window showing its contents. Then double-click the file within, named InstallMacOSX.pkg.
Follow the onscreen instructions, which will guide you through the steps necessary to install.
Begin installation
After installation of the installer is complete, open the Applications folder on your Mac, then double-click the file named Install OS X El Capitan.
Click Continue and follow the onscreen instructions. You might find it easiest to begin installation in the evening so that it can complete overnight, if needed.
Allow installation to complete
Please allow installation to complete without putting your Mac to sleep or closing its lid. Your Mac might restart, show a progress bar, or show a blank screen several times as it installs both OS X and related updates to your Mac firmware.
Learn more
- OS X El Capitan won't install on top of a later version of macOS, but you can erase your disk first or install on another disk.
- You can use macOS Recovery to reinstall macOS.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other security updates, see Apple security updates.
OS X El Capitan 10.11.2, Security Update 2015-005 Yosemite, and Security Update 2015-008 Mavericks
- apache_mod_phpAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: Multiple vulnerabilities in PHPDescription: Multiple vulnerabilities existed in PHP versions prior to 5.5.29, the most serious of which may have led to remote code execution. These were addressed by updating PHP to version 5.5.30.CVE-IDCVE-2015-7803CVE-2015-7804
- AppSandboxAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application may maintain access to Contacts after having access revokedDescription: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox.CVE-IDCVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt
- BluetoothAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in the Bluetooth HCI interface. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7108 : Ian Beer of Google Project Zero
- CFNetwork HTTPProtocolAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: An attacker with a privileged network position may be able to bypass HSTSDescription: An input validation issue existed within URL processing. This issue was addressed through improved URL validation.CVE-IDCVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea)
- CompressionAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: Visiting a maliciously crafted website may lead to arbitrary code executionDescription: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams.CVE-IDCVE-2015-7054 : j00ru
- Configuration ProfilesAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local attacker may be able to install a configuration profile without admin privilegesDescription: An issue existed when installing configuration profiles. This issue was addressed through improved authorization checks.CVE-IDCVE-2015-7062 : David Mulder of Dell Software
- CoreGraphicsAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Processing a maliciously crafted font file may lead to arbitrary code executionDescription: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.CVE-IDCVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team
- CoreMedia PlaybackAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Visiting a maliciously crafted website may lead to arbitrary code executionDescription: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling.CVE-IDCVE-2015-7074 : AppleCVE-2015-7075
- Disk ImagesAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with kernel privilegesDescription: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7110 : Ian Beer of Google Project Zero
- EFIAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A path validation issue existed in the kernel loader. This was addressed through improved environment sanitization.CVE-IDCVE-2015-7063 : Apple
- File BookmarkAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A sandboxed process may be able to circumvent sandbox restrictionsDescription: A path validation issue existed in app scoped bookmarks. This was addressed through improved environment sanitization.CVE-IDCVE-2015-7071 : Apple
- HypervisorAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A use after free issue existed in the handling of VM objects. This issue was addressed through improved memory management.CVE-IDCVE-2015-7078 : Ian Beer of Google Project Zero
- iBooksAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user informationDescription: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing.CVE-IDCVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)
- ImageIOAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Processing a maliciously crafted image may lead to arbitrary code executionDescription: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7053 : Apple
- Intel Graphics DriverAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A null pointer dereference issue was addressed through improved input validation.CVE-IDCVE-2015-7076 : Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon [email protected]
- Intel Graphics DriverAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7106 : Ian Beer of Google Project Zero, Juwei Lin of TrendMicro, beist and ABH of BoB, and JeongHoon [email protected]
- Intel Graphics DriverAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with system privilegesDescription: An out of bounds memory access issue existed in the Intel Graphics Driver. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7077 : Ian Beer of Google Project Zero
- IOAcceleratorFamilyAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7109 : Juwei Lin of TrendMicro
- IOHIDFamilyAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application may be able to execute arbitrary code with system privilegesDescription: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling.CVE-IDCVE-2015-7111 : beist and ABH of BoBCVE-2015-7112 : Ian Beer of Google Project Zero
- IOKit SCSIAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application may be able to execute arbitrary code with kernel privilegesDescription: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation.CVE-IDCVE-2015-7068 : Ian Beer of Google Project Zero
- IOThunderboltFamilyAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to cause a system denial of serviceDescription: A null pointer dereference existed in IOThunderboltFamily's handling of certain userclient types. This issue was addressed through improved validation of IOThunderboltFamily contexts.CVE-IDCVE-2015-7067 : Juwei Lin of TrendMicro
- KernelAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local application may be able to cause a denial of serviceDescription: Multiple denial of service issues were addressed through improved memory handling.CVE-IDCVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan TeamCVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan TeamCVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan TeamCVE-2015-7043 : Tarjei Mandt (@kernelpool)
- KernelAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with kernel privilegesDescription: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.CVE-IDCVE-2015-7083 : Ian Beer of Google Project ZeroCVE-2015-7084 : Ian Beer of Google Project Zero
- KernelAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with kernel privilegesDescription: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages.CVE-IDCVE-2015-7047 : Ian Beer of Google Project Zero
- kext toolsAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A local user may be able to execute arbitrary code with kernel privilegesDescription: A validation issue existed during the loading of kernel extensions. This issue was addressed through additional verification.CVE-IDCVE-2015-7052 : Apple
- Keychain AccessAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application may be able to masquerade as the Keychain Server.Description: An issue existed in how Keychain Access interacted with Keychain Agent. This issue was resolved by removing legacy functionality.CVE-IDCVE-2015-7045 : Luyi Xing and XiaoFeng Wang of Indiana University Bloomington, Xiaolong Bai of Indiana University Bloomington and Tsinghua University, Tongxin Li of Peking University, Kai Chen of Indiana University Bloomington and Institute of Information Engineering, Xiaojing Liao of Georgia Institute of Technology, Shi-Min Hu of Tsinghua University, and Xinhui Han of Peking University
- libarchiveAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Visiting a maliciously crafted website may lead to arbitrary code executionDescription: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling.CVE-IDCVE-2011-2895 : @practicalswift
- libcAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: Processing a maliciously crafted package may lead to arbitrary code executionDescription: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking.CVE-IDCVE-2015-7038 : Brian D. Wells of E. W. Scripps, Narayan Subramanian of Symantec Corporation/Veritas LLCCVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM)Entry updated March 3, 2017
Apple Support For El Capitan Free
- libexpatAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: Multiple vulnerabilities in expatDescription: Multiple vulnerabilities existed in expat version prior to 2.1.0. These were addressed by updating expat to versions 2.1.0.CVE-IDCVE-2012-0876 : Vincent DanenCVE-2012-1147 : Kurt SeifriedCVE-2012-1148 : Kurt Seifried
- libxml2Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Parsing a maliciously crafted XML document may lead to disclosure of user informationDescription: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7115 : Wei Lei and Liu Yang of Nanyang Technological UniversityCVE-2015-7116 : Wei Lei and Liu Yang of Nanyang Technological University
- OpenGLAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Visiting a maliciously crafted website may lead to arbitrary code executionDescription: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling.CVE-IDCVE-2015-7064 : AppleCVE-2015-7065 : AppleCVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks
- OpenLDAPAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A remote unauthenticated client may be able to cause a denial of serviceDescription: An input validation issue existed in OpenLDAP. This issue was addressed through improved input validation.CVE-IDCVE-2015-6908
- OpenSSHAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: Multiple vulnerabilities in LibreSSLDescription: Multiple vulnerabilities existed in LibreSSL versions prior to 2.1.8. These were addressed by updating LibreSSL to version 2.1.8.CVE-IDCVE-2015-5333CVE-2015-5334
- QuickLookAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: Opening a maliciously crafted iWork file may lead to arbitrary code executionDescription: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7107
- SandboxAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomizationDescription: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks.CVE-IDCVE-2015-7046 : Apple
- SecurityAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A remote attacker may cause an unexpected application termination or arbitrary code executionDescription: A memory corruption issue existed in handling SSL handshakes. Download ios mojave for mac. This issue was addressed through improved memory handling.CVE-IDCVE-2015-7073 : Benoit Foucher of ZeroC, Inc.
- SecurityAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5Impact: Processing a maliciously crafted certificate may lead to arbitrary code executionDescription: Multiple memory corruption issues existed in the ASN.1 decoder. These issues were addressed through improved input validationCVE-IDCVE-2015-7059 : David Keeler of MozillaCVE-2015-7060 : Tyson Smith of MozillaCVE-2015-7061 : Ryan Sleevi of Google
- SecurityAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, OS X El Capitan v10.11 and v10.11.1Impact: A malicious application may gain access to a user's Keychain itemsDescription: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks.CVE-IDCVE-2015-7058
- System Integrity ProtectionAvailable for: OS X El Capitan v10.11 and v10.11.1Impact: A malicious application with root privileges may be able to execute arbitrary code with system privilegesDescription: A privilege issue existed in handling union mounts. This issue was addressed by improved authorization checks.CVE-IDCVE-2015-7044 : MacDefender
Notes
Apple Support For El Capitan Texas
- Security Update 2015-005 and 2015-008 is recommended for all users and improves the security of OS X. After installing this update, the QuickTime 7 web browser plug-in will no longer be enabled by default. Learn what to do if you still need this legacy plug-in.
- OS X El Capitan v10.11.2 includes the security content of Safari 9.0.2.