![\"\"](\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/02\/Apple-software-update-orange-important-600x300-1.png\")
<\/p>\n<\/p>\n
On Monday, October 28, Apple released operating system updates for all of its products. The updates add some new features, address some bugs, and more importantly, fix some critical security vulnerabilities.<\/p>\n
Let’s explore everything you should know about what Apple changed in these updates.<\/p>\n
In this article:<\/em><\/p>\n Available for: <\/strong>All supported Macs capable of running macOS Sequoia<\/p>\n Update information:<\/strong><\/p>\n This update introduces the first set of features powered by Apple Intelligence,* the personal intelligence system that unlocks powerful new ways to communicate, work, and express yourself, all while protecting your data with an extraordinary step forward for privacy in AI. This release also includes drag and drop support for iPhone Mirroring and other features, bug fixes, and security updates for your Mac.<\/p>\n<\/li>\n<\/ul>\n *Note: Apple doesn’t mention it here, but Apple Intelligence requires a Mac with Apple silicon<\/a> (M1\/M2\/M3\/M4). Features related to Apple Intelligence, such as Writing Tools and Mail summarization, are not available on Intel-based Macs.<\/p>\n Enterprise:<\/strong><\/p>\n MDM can manage Writing Tools and Mail summarization.<\/p>\n<\/li>\n MDM can prevent prompts triggered by apps using deprecated content capture technologies.<\/p>\n<\/li>\n MDM can prevent users from enabling Media Sharing in System Settings.<\/p>\n<\/li>\n Login and unlock complete without delay when a passcode policy is configured by MDM.<\/p>\n<\/li>\n Upgrading to macOS 15 Sequoia completes successfully when a local user account is present without a valid home directory.<\/p>\n<\/li>\n Improves network stability when using content filter extensions.<\/p>\n<\/li>\n Improves APNS compatibility with legacy VPN products.*<\/p>\n<\/li>\n<\/ul>\n *Note: Although once again Apple doesn’t mention it here, version 15.1 also fixes known compatibility issues<\/a> with third-party VPN services. These issues were present in the 15.0 and 15.0.1 releases of macOS Sequoia.<\/p>\n Improvements and Bug Fixes:<\/strong><\/p>\n Option to automatically download and install games and apps to an external disk drive<\/p>\n<\/li>\n Game Center friend invites can be sent directly from the Contacts app and Friend Suggestions and receivers can see the invites in the inbox in Settings<\/p>\n<\/li>\n<\/ul>\n Security-related fixes and updates:<\/strong> Contacts <\/p>\n Find My<\/strong> <\/p>\n Login Window<\/strong> <\/p>\n Maps<\/strong> <\/p>\n Notification Center<\/strong> <\/p>\n Safari Private Browsing<\/strong> For the full list of security patches included in macOS Sequoia 15.1, have a look here<\/a>. We recommend updating sooner rather than later.<\/p>\n You can get this update by going to System Settings<\/strong> > Software Update<\/strong>, where compatible Macs running macOS Mojave or newer will see the Sequoia update appear. If your Mac is running macOS High Sierra or older, look for macOS Sequoia in the App Store and download it from there.<\/a><\/p>\n Available for: <\/strong>All supported Macs currently running macOS Sonoma<\/p>\n Security-related fixes and updates:<\/strong> You can get this update by going to System Settings<\/strong> > Software Update<\/strong>.<\/a><\/p>\n Available for: <\/strong>All supported Macs currently running macOS Ventura<\/p>\n Security-related fixes and updates:<\/strong> You can get this update by going to System Preferences<\/strong> > Software Update<\/strong>.<\/a><\/p>\n Available for: <\/strong>macOS Sonoma and macOS Ventura<\/p>\n This update addresses quite a few issues, which you can read more about here<\/a>. At the time of writing, however, Apple has not released a list of security patches for this update.<\/p>\n The update is available in System Settings (or System Preferences)<\/strong> > Software Update<\/strong> on your Mac.<\/a><\/p>\n Available for:<\/strong>\u00a0iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation<\/p>\n New features:<\/strong>\u00a0Just like the latest macOS Sequoia update, this update brings Apple Intelligence to the iPhone 15 and newer. Another welcome new feature is phone call recording. For a comprehensive list of new features have a read here<\/a>.<\/p>\n Security-related fixes and updates:<\/strong>\u00a028 vulnerabilities were addressed in this update, all similar to those found in the other OS updates.<\/p>\n The details of the security issues that were addressed can be found here<\/a>. To get this latest update, connect your device to your Mac and follow the update prompts. You can also download these updates over the air by going to Settings<\/strong> > General<\/strong> > Software Update<\/strong> on your device.<\/a><\/p>\n Available for:\u00a0<\/strong>Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later<\/p>\n Update Information:<\/strong><\/p>\n Apple has listed no new features for this update, making it solely a security update.<\/p>\n Security-related fixes and updates:<\/strong><\/p>\n This update addresses 17 issues, most of them the same as those addressed in the macOS updates.<\/p>\n The full list of security issues that were addressed can be found here<\/a>. To get your hands on this latest update, connect your device to your Mac and follow the update prompts. You can also download these updates over the air by going to Settings<\/strong> > General<\/strong> > Software Update<\/strong> on your device.<\/a><\/p>\n Available for: <\/strong>Apple TV HD and Apple TV 4K (all models)<\/p>\n Security-related fixes and updates:<\/strong>\u00a0Apple addressed 14 vulnerabilities with CVEs in this update, mostly the same as in the other OS updates.<\/p>\n The full list of security issues that were addressed can be found here<\/a>. To install this update, go to Settings > System > Software Updates<\/strong> on your Apple TV.<\/a><\/p>\n Security-related fixes and updates:<\/strong>\u00a0Apple addressed 20 vulnerabilities with CVEs in this update, mostly the same as in the other OS updates.<\/p>\n The full list of security issues that were addressed can be found here<\/a>. To install this update, go to Settings > General > Software Update<\/strong>.<\/a><\/p>\n Available for: <\/strong>Apple Watch Series 4 and later<\/p>\n Security-related fixes and updates:<\/strong>\u00a0Apple addressed 16 vulnerabilities with CVEs in this update.<\/p>\n The full list of security issues that were addressed can be found here<\/a>. To install this update, make sure your iPhone is up to date first, both your phone and watch are connected to the same Wi-Fi network, and the watch has at least a 50% charge. Then open the Watch app on your phone and tap General<\/strong> > Software Update<\/strong>.<\/a><\/p>\n Apple also updated its rarely-mentioned HomePod Software (also sometimes called audioOS or HomePodOS). Apple has never mentioned this operating system on its security updates page<\/a>. Since HomePod Software always shares the same build number<\/a> as tvOS, one can reasonably assume that any security issues addressed in tvOS 18.1 were also fixed in HomePod Software 18.1.<\/p>\n HomePod updates are generally not urgent, and they are supposed to install automatically. See below for details on how to update your HomePod or HomePod mini’s operating system manually.<\/a><\/p>\n Though it shouldn’t come as a big surprise, Apple did not release security updates for any of the following operating systems:<\/p>\n If you have an older device that cannot be upgraded to the latest version of iOS or iPadOS (18.x), or watchOS (11.x), you should strongly consider purchasing a newer model. Any model of iPhone, iPad, or Apple Watch that Apple currently sells can run the newest operating systems and thus get all available security updates.<\/p>\n Apple continues to leave open-source software components in macOS Sequoia critically outdated and highly vulnerable<\/a>. For example, Sequoia still includes LibreSSL 3.3.6, which is more than 2.5 years old and contains at least four known vulnerabilities<\/a>, including two rated “9.8 CRITICAL” on the CVSS scale. The latest stable release is 4.0.0, released on October 14; the last 3.9.x version was 3.9.2, released on May 12.<\/p>\n Additionally, Apple has once again neglected to patch a Safari bug for macOS, iOS, and iPadOS that the company has known about for more than 5.5 years. The bug makes it easy to spread misinformation via iMessage featuring fake news headlines<\/a> that appear to come from credible sources.<\/p>\n In spite of these lingering issues, we recommend upgrading to macOS Sequoia<\/strong> to address a plethora of other vulnerabilities. If your Mac is not on Apple’s compatibility list for macOS Sequoia<\/a>, you should consider buying a new Mac; learn which one is ideal for you<\/a>. Or, if you like living on the edge, you can upgrade your old Mac to macOS Sequoia without Apple’s support or blessing<\/a>.<\/a><\/p>\n If you haven’t yet upgraded to macOS Sequoia<\/strong>, be sure to first update any software that’s important to you. For example, run Intego’s NetUpdate utility and install all available updates, and then check for updates for all other software that you use regularly. Next, check for macOS updates by going to System Settings > General > Software Update. Alternatively, go to the Spotlight (\ud83d\udd0d) menu and search for Software Update, and open it from the search results. If you have an iMac Pro or a MacBook Pro (2018) that’s still running macOS High Sierra, look for macOS Sequoia in the Mac App Store<\/a> and download it from there.<\/p>\n If you have any trouble getting the macOS update to show up, either press \u2318R at the Software Update screen, or type in the Terminal Note that only the latest macOS version (currently, that’s macOS Sequoia) is ever fully patched<\/strong>; older macOS versions only get a subset of those patches and remain vulnerable. Therefore, staying on the latest macOS version is critically important for maintaining your security and privacy. For more information, see our article, “When does an old Mac become unsafe to use?<\/a>”<\/p>\n Users of iPhone or iPad<\/strong> can open the Settings app and choose General > Software Update to update iOS or iPadOS on their devices. (This is called an “over the air” or OTA update.) Alternatively, you can connect your device to your Mac, click on the device name in a Finder window sidebar, and check for updates there; or, if you use a Windows PC, you can use the Apple Devices app<\/a>.<\/p>\n To update watchOS on your Apple Watch<\/strong>, the process is a bit more complicated. First, update your iPhone to the latest operating system it can support (ideally the latest version of iOS 18). Next, ensure that both your iPhone and Apple Watch are on the same Wi-Fi network. Your Apple Watch also needs to have at least a 50% charge. Then open the Watch app on your iPhone and tap General > Software Update.<\/p>\n To update visionOS on your Apple Vision Pro<\/strong>, Apple recommends that you first back up your device to iCloud<\/a>. Then go to Settings > General > Software Update to check for updates.<\/p>\n To update tvOS on your Apple TV<\/strong>, open the Settings app and choose System > Software Updates.<\/p>\n HomePod Software (sometimes called audioOS) should update automatically. However, if you would like to update your HomePod or HomePod mini’s operating system manually, you can go into the Home<\/strong> app on your iPhone or iPad, then tap the\u00a0House icon<\/strong> > Home Settings<\/strong> > Software Update<\/strong> > temporarily disable (toggle off) Install Updates Automatically<\/strong> > then tap Install<\/strong>. After updating, remember to re-enable the Install Updates Automatically<\/strong> setting.<\/p>\n Whenever you’re preparing to update macOS, iOS, iPadOS, or visionOS, it’s a good idea to always back up your data<\/strong> before installing any updates. This gives you a restore point if something does not go as planned. See our related article on how to check your macOS backups to ensure they work correctly<\/a>.<\/p>\n How to Verify Your Backups are Working Properly<\/a><\/p><\/blockquote>\n\n
macOS Sequoia 15.1<\/h3>\n
\n
\n
\n
\nIn this update, Apple addressed 61 vulnerabilities with CVE (Common Vulnerabilities and Exposures) numbers assigned to them. Here are a handful of notable ones:<\/p>\n\n
\n<\/strong>Impact: An app may be able to access information about a user’s contacts
\nDescription: A privacy issue was addressed with improved private data redaction for log entries.
\nCVE-2024-44298: Kirin (@Pwnrin) and 7feilee<\/p>\n
\nImpact: An app may be able to read sensitive location information
\nDescription: A privacy issue was addressed with improved private data redaction for log entries.
\nCVE-2024-44289: Kirin (@Pwnrin)<\/p>\n
\nImpact: A person with physical access to a Mac may be able to bypass Login Window during a software update
\nDescription: This issue was addressed through improved state management.
\nCVE-2024-44231: Toomas R\u00f6mer
\nand
\nImpact: An attacker with physical access to a Mac may be able to view protected content from the Login Window
\nDescription: This issue was addressed through improved state management.
\nCVE-2024-44223: Jaime Bertran<\/p>\n
\nImpact: An app may be able to read sensitive location information
\nDescription: This issue was addressed with improved redaction of sensitive information.
\nCVE-2024-44222: Kirin (@Pwnrin)<\/p>\n
\nImpact: An app may be able to access sensitive user data
\nDescription: A privacy issue was addressed with improved private data redaction for log entries.
\nCVE-2024-44292: Kirin (@Pwnrin)<\/p>\n
\nImpact: Private browsing may leak some browsing history
\nDescription: An information leakage was addressed with additional validation.
\nCVE-2024-44229: Lucas Di Tomase<\/p>\n<\/blockquote>\nmacOS Sonoma 14.7.1<\/h3>\n
\nIn this update, Apple addressed 46 vulnerabilities with CVEs assigned. For the list of security patches included in Sonoma 14.7.1, have a look here<\/a>.<\/p>\nmacOS Ventura 13.7.1<\/h3>\n
\nIn this update, Apple addressed 43 vulnerabilities with CVEs assigned. For the list of security patches included in Ventura 13.7.1, have a look here<\/a>.<\/p>\nSafari 18.1 for macOS Ventura and Monterey<\/h3>\n
iOS 18.1 and iPadOS 18.1<\/h3>\n
iOS 17.7.1 and iPadOS 17.7.1<\/h3>\n
tvOS 18.1<\/h3>\n
visionOS 2.1<\/h3>\n
watchOS 11.1<\/h3>\n
HomePod Software 18.1<\/h3>\n
What Apple didn’t patch<\/h3>\n
\n
Old vulnerabilities remain unpatched<\/strong><\/h4>\n
How to install Apple security updates<\/h3>\n
For macOS updates<\/strong><\/h4>\n
softwareupdate -l<\/code> (that\u2019s a lowercase L) and press Return\/Enter, then check System Settings > General > Software Update again.<\/p>\nFor other Apple OS updates<\/strong><\/h4>\n
It’s wise to back up before updating<\/strong><\/h4>\n