I Clicked on the link expecting to read about a vulnerability. This is actually about blasting OS X for not having updated versions of software.
Software updates are super important of course, and apple should be better at pushing the latest software updates, but I wish the title reflected that.
> This is actually about blasting OS X for not having updated versions of software.
No it's not, it's blasting OS X for shipping software with a known remote execution vulnerability, and not allowing the user to easily upgrade that software themselves due to new OS-wide security policies.
>and not allowing the user to easily upgrade that software themselves due to new OS-wide security policies.
But the author didn't try that. They merely speculated that
upgrading over top of that will almost certainly screw something up later.
I upgraded the Subversion that's shipped with XCode 5 on OS X 10.9 (both old, I know) without any problems simply by manually replacing the files in /Applications/XCode.app/Contents/Developer/usr/bin.
I disagree that it is clickbait. There is a schema people use for announcing security vulnerabilities ("<issue> in <software> version <number> through <bigger number>"), and the RCE issue was recent, so to those familiar it was clear that it was exposition rather than disclosure.
Software updates are super important of course, and apple should be better at pushing the latest software updates, but I wish the title reflected that.