PSA: Why it's best to stay current with macOS.

Colstan · Jan 23, 2023

This is my annual reminder to keep your Macs updated. Apple has released a new round of patches, including macOS 13.2 Ventura. I just installed it and haven't experienced any issues. As I said the the title, it's best to have the latest version of macOS installed, because it gets 100% patched, which Apple has officially backed me up on. According to the security notes, excluding the two WebKit patches to Safari, the number of security fixes for each updated version of macOS are as follows:

Ventura: 20
Monterey: 13
Big Sur: 6

Obviously, it's up to each individual user to decide when to update to a newer version, but if you are concerned about security, then Ventura is what you should likely be running, if possible.

Clix Pix · Jan 23, 2023

I usually wait a day or so before installing new system/security updates, etc.....just to be sure that there aren't any unexpected "gotchas" that I should know about. Also I like to wait to do this during a time when the Apple servers aren't going to be slammed by a mad rush of everyone and his cousin all now off work and trying to do the updates, and since I have the luxury of being retired and not having a significant portion of my day filled with work obligations, I usually try to do updates during a time frame where the servers will be less busy and I can get the process done more quickly and smoothly. Just to be clear, though, I definitely am not someone who dawdles around for days or weeks or longer when there is a security update announced -- those are indeed very important and should be attended to sooner rather than later. It baffles me why some people continue to run older machines with older versions of the OS and casually skip updates....well, that's their problem, not mine.

Colstan · Jan 23, 2023

Clix Pix said:
I usually wait a day or so before installing new system/security updates

This isn't an unwise strategy. I think that's true particularly for older versions of macOS, which likely aren't tested as thoroughly as the latest release. I kept my 2018 Mac mini on Mojave for longer than I probably should have, and Apple botched one of the final security updates which it received. I had to reinstall from Time Machine. It was a minor pain, but there's always the chance of something serious happening. I haven't experienced anything that dramatic with Ventura, so I think it's a solid release. Even so, caution is always warranted, just as are good backups.

ronntaylor · Jan 23, 2023

Colstan said:
This is my annual reminder to keep your Macs updated. Apple has released a new round of patches, including macOS 13.2 Ventura. I just installed it and haven't experienced any issues. As I said the the title, it's best to have the latest version of macOS installed, because it gets 100% patched, which Apple has officially backed me up on. According to the security notes, excluding the two WebKit patches to Safari, the number of security fixes for each updated version of macOS are as follows:

Ventura: 20
Monterey: 13
Big Sur: 6

Obviously, it's up to each individual user to decide when to update to a newer version, but if you are concerned about security, then Ventura is what you should likely be running, if possible.

Planning to update in a few minutes. Just finished updating my Apple Watch, iPad Air and iPhone.

exoticspice1 · Jan 23, 2023

Thanks for the update gonna update my Dad's iPhone and my MacBook.

Colstan said:
This is my annual reminder to keep your Macs updated. Apple has released a new round of patches, including macOS 13.2 Ventura. I just installed it and haven't experienced any issues. As I said the the title, it's best to have the latest version of macOS installed, because it gets 100% patched, which Apple has officially backed me up on. According to the security notes, excluding the two WebKit patches to Safari, the number of security fixes for each updated version of macOS are as follows:

Ventura: 20
Monterey: 13
Big Sur: 6

Obviously, it's up to each individual user to decide when to update to a newer version, but if you are concerned about security, then Ventura is what you should likely be running, if possible.

.

Colstan · Feb 10, 2023

I mentioned above how Apple had to pull the 2020-005 security update for Mojave because of major bugs that came along with it. CPU utilization would spike, the fan would sound like a jet engine, and programs would be sluggish or randomly crash. Ostensibly, this was a minor security update that should have had proper testing beforehand, but Apple pulled it almost immediately, because it was clearly not ready for a full release.

A similar problem happened where Safari would kernel panic using a 2018 Mac mini running Mojave (not Catalina) and the only fix was to update to the Big Sur firmware (which was in beta, at the time). It wasn't officially patched until months later, when that firmware version shipped with Big Sur and trickled down to Mojave in a security update. This happened to everyone with a 2018 Mac mini who was running Mojave after applying security update 2020-002. Because I needed to continue to use Mojave, at that time, I switched to Firefox, until I ended up installing the Big Sur beta firmware so that I could use Safari again.

Last year, Apple finally backed up what myself and others have been saying: only the most current version of macOS receives 100% of the latest security patches. What Apple doesn't tell you, and never will, is that the oldest versions also receive the least amount of testing, assuming there's much testing done at all. Those two massive problems with Mojave didn't happen in the most recent shipping version of macOS, at that time.

Now, it's Big Sur's turn to receive inadequate testing. While not nearly as bad as what happened with those Mojave updates, Big Sur 11.7.3, the latest security patch, prevents the icons in Safari's Favorites section from appearing properly.

This is yet another reason that I think it is best to run the latest version of macOS, whenever possible. The old school way of thinking is that once a version of macOS hits maintenance mode, it's essentially "done", and only requires an occasional minor security patch. Those "minor" patches often touch major parts of the operating system, and I don't think Apple tests them nearly as well as the most current release.

The vague, roughly two years of additional security patches often seem like an afterthought. Apple won't officially commit to fully patching these old versions 100% and don't appear to test them as rigorously. I suppose it's better than nothing for Mac users who are still stuck using an older macOS release, for whatever reason, but the tradeoffs should be clear.

So, it's not just the lack of 100% security coverage that is an issue, but it also appears that Apple doesn't test those older versions as well as the most current release of macOS, either. I never imagined that I would have to install beta firmware to properly use Apple's own web browser, but that's exactly what 2018 Mac mini owners needed to do a few years ago.

exoticspice1 · Feb 10, 2023

Colstan said:
I mentioned above how Apple had to pull the 2020-005 security update for Mojave because of major bugs that came along with it. CPU utilization would spike, the fan would sound like a jet engine, and programs would be sluggish or randomly crash. Ostensibly, this was a minor security update that should have had proper testing beforehand, but Apple pulled it almost immediately, because it was clearly not ready for a full release.

A similar problem happened where Safari would kernel panic using a 2018 Mac mini running Mojave (not Catalina) and the only fix was to update to the Big Sur firmware (which was in beta, at the time). It wasn't officially patched until months later, when that firmware version shipped with Big Sur and trickled down to Mojave in a security update. This happened to everyone with a 2018 Mac mini who was running Mojave after applying security update 2020-002. Because I needed to continue to use Mojave, at that time, I switched to Firefox, until I ended up installing the Big Sur beta firmware so that I could use Safari again.

Last year, Apple finally backed up what myself and others have been saying: only the most current version of macOS receives 100% of the latest security patches. What Apple doesn't tell you, and never will, is that the oldest versions also receive the least amount of testing, assuming there's much testing done at all. Those two massive problems with Mojave didn't happen in the most recent shipping version of macOS, at that time.

Now, it's Big Sur's turn to receive inadequate testing. While not nearly as bad as what happened with those Mojave updates, Big Sur 11.7.3, the latest security patch, prevents the icons in Safari's Favorites section from appearing properly.

View attachment 21766

This is yet another reason that I think it is best to run the latest version of macOS, whenever possible. The old school way of thinking is that once a version of macOS hits maintenance mode, it's essentially "done", and only requires an occasional minor security patch. Those "minor" patches often touch major parts of the operating system, and I don't think Apple tests them nearly as well as the most current release.

The vague, roughly two years of additional security patches often seem like an afterthought. Apple won't officially commit to fully patching these old versions 100% and don't appear to test them as rigorously. I suppose it's better than nothing for Mac users who are still stuck using an older macOS release, for whatever reason, but the tradeoffs should be clear.

So, it's not just the lack of 100% security coverage that is an issue, but it also appears that Apple doesn't test those older versions as well as the most current release of macOS, either. I never imagined that I would have to install beta firmware to properly use Apple's own web browser, but that's exactly what 2018 Mac mini owners needed to do a few years ago.

Just install Linux on those old machines. Simple for tech people like us. Brings new life into obsolete machines and as far I know the 2018 mini supports Linux. So when support dies for 2018 mini then instead of trashing it, it would best to install Linux.

Colstan · Feb 14, 2023

I'm sure most of us have seen that Apple has released a relatively small security update for most of their devices, which includes the 13.2.1 update for macOS Ventura, along with Safari 16.3.1 for Monterey and Big Sur.

The 13.2.1 update for Ventura features three fixes, including a kernel exploit, a privacy issue with Shortcuts, and a WebKit vulnerability. It is notable that the WebKit issue is the only one of the three that has been fixed in Monterey and Big Sur, included in the standalone Safari update. (Big Sur doesn't have Shortcuts, so that is not an issue with that version.) The kernel exploit remains unaddressed with the previous versions.

It is important to update any supported version of macOS as soon as possible, because Apple's release notes state that they are aware of it being actively exploited.

Hence, this is clearly a critical security update.

Clix Pix · Feb 14, 2023

As soon as I saw the posts on MR yesterday I set about updating my machines and iOS devices. All done, things are fine here.....

Roller · Feb 14, 2023

For some odd reason, it took several tries to get the Ventura update to install on my Mac Studio. The first few times, when I clicked restart, I was asked for my password, and the Mac rebooted without anything being installed. I've never seen that happen before, but over the years I've found that no two macOS updates proceed identically. There's always something different, whether it's the feedback during the installation or how many times the screen goes dark, leaving me to wonder if anything's happening.

Colstan · Mar 7, 2023

On occasion, I've posted about Apple's latest updates to macOS and what exploits they fix. However, I haven't mentioned much on the practical side about actual malware, other than a few surveys taken and the most common threats. In that regard, the esteemed Dr. Howard Oakley has released a series of articles after Apple's recent update to XProtect Remediator. The first article covers the KeySteal, HonkBox and BadGacha malware that are detected in that update. The second article covers how troubleshooting has changed with macOS security measures. The third article covers the efficacy of Ventura's signature checks.

Regarding code signing and Gatekeeper, Ventura has changed compared to previous versions, as stated in Dr. Oakley's second article:

All third-party software is installed on the Data volume, making it susceptible to accidental or deliberate change, just as it has been in the past. What has changed is that all Universal executable code is required to be signed, and signing and integrity are now checked whenever an app is opened, rather just when it’s first run.

From a practical standpoint, this has a significant impact on the effectiveness of the malware which he covers in the third article:

Because the malicious software is embedded within an app that’s already signed, that signature fails when macOS checks it properly. Prior to Ventura, unless the quarantine flag is set on the app, a full signature check by Gatekeeper may well not take place, allowing the malware to install itself. Ventura changes that, as full Gatekeeper signature checks are now run even when there’s no quarantine flag set, so macOS 13 should block this successfully.

The takeaway is that not only do the prior versions of macOS not receive all of the latest patches, but the security features in Ventura are not present in earlier releases. While updates to XProtect and XProtect Remediator, along with the partial patches for prior versions, do provide some measure of safety, the best way to stay safe is to be on the latest version of macOS available.

I realize that not every user has the luxury to update as soon as possible, some software takes time to become compatible with updates to macOS, but that's on the third-party developers for that failure. End users are left in the position of potentially trading security for compatibility. Apple is currently testing Rapid Security Response in the latest macOS beta, which will become even more important for timely updates in the future.

As I have often said in this thread, unless you absolutely cannot update to the latest release of macOS, then it is best to upgrade as soon as possible. Historically, there have been some users who waited for a few updates after a major release of macOS before updating, because they believed it would be more stable, but this is an antiquated notion. Unless you can't update, either because of software compatibility or old hardware aging out, then the safest action is to update macOS whenever Apple pushes out an update, whether that be a major upgrade or a small patch. For further information, I recommend perusing Dr. Oakley's articles on the subject.

Colstan · Mar 27, 2023

It's that time of the quarter again, the Spring update for macOS, which includes many security fixes. The number of patches for each supported version are:

Ventura: 49
Monterey: 24
Big Sur: 23

Apple is now fixing only about half of the vulnerabilities in previous versions compared to the latest release of macOS. So, if possible, it's best to update to Ventura. I just installed 13.3, and all seems well, personally.

Apple also released a firmware update, versions 16.4, for the Apple Studio Display, which also includes a single security patch. Earlier this month, Apple released updates for Garage Band. I mention it because this is also a good time to make sure that all of your applications, both from Apple and third-party developers, are updated, as well.

Finally, there's new Mac malware, which sends passwords via Telegram.

As part of the theft, the software takes credentials and cookies from Firefox, Google Chrome, and Brave browsers, and also extracts the Keychain database. It also attempts to secure a variety of file types, including MP3s, text files, PDFs, PowerPoint files, photographs, and databases.

While pulling Keychain may seem like a big danger to users, the attack involves taking the Keychain wholesale, without accessing the data within it. The database does get taken and transmitted to the attacker by Telegram, but it's still encrypted.

The usual practices apply to avoid infection, with the added caveat of also not being a pothead who smokes too much cannabis. (Seriously.)

It is unclear exactly how the malware moves between Macs, but initial infections have been caused by an app called "weed.dmg." As you would expect, it looks like an executable with a leaf as an icon.

Most of us here are well aware of how to stay safe and the tradeoffs involved in using the latest versions, but not all of our friends, colleagues, and family are. So, make sure that both you and those in your tech sphere of influence update, as well.

Roller · Mar 27, 2023

Colstan said:
It's that time of the quarter again, the Spring update for macOS, which includes many security fixes. The number of patches for each supported version are:

Ventura: 49
Monterey: 24
Big Sur: 23

Apple is now fixing only about half of the vulnerabilities in previous versions compared to the latest release of macOS. So, if possible, it's best to update to Ventura. I just installed 13.3, and all seems well, personally.

Apple also released a firmware update, versions 16.4, for the Apple Studio Display, which also includes a single security patch. Earlier this month, Apple released updates for Garage Band. I mention it because this is also a good time to make sure that all of your applications, both from Apple and third-party developers, are updated, as well.

Finally, there's new Mac malware, which sends passwords via Telegram.

The usual practices apply to avoid infection, with the added caveat of also not being a pothead who smokes too much cannabis. (Seriously.)

Most of us here are well aware of how to stay safe and the tradeoffs involved in using the latest versions, but not all of our friends, colleagues, and family are. So, make sure that both you and those in your tech sphere of influence update, as well.

Thanks for posting. Worth noting that Apple also released 15.7.4 for iOS/iPadOS devices today.

Colstan · Mar 27, 2023

Roller said:
Thanks for posting. Worth noting that Apple also released 15.7.4 for iOS/iPadOS devices today.

And thank you for pointing that out. I've stuck to covering just macOS in this thread because Apple's security update methodology is different with the Mac when compared to the iDevices, even though they are released at the same time, and share many of the same exploits.

theorist9 · Mar 28, 2023

I tried Ventura in a separate volume, and really didn't like its rendering. Monterey looks great on my 2019 iMac, and pretty good on my two side monitors, especially after I calibrated all of them with my X-Rite i1 Display Pro colorimeter. [Calibration helps not just with photos and videos; it also makes the monitor much nicer to work with for text.] With Ventura I got eye strain. Granted, one should re-calibrate for each new OS, but Ventura was so far off, and Monterey works so well for me, that I've decided to just wait for the next OS after Ventura to see if things are better. I did read online that Ventura has a color bug, so perhaps that's what's causing the issue. I'm probably more sensitive than most to things needing to be be just right in order to avoid eye strain.

Interestingly, I read a warning that one should not try a new OS in a separate volume, because doing so can cause issues with your existing volume (there's not supposed to be cross-over, but that may not be the case)—what's recommended is to instead set up a separate partition. Unfortunately, I've found that, with use, my existing data spreads out over the SSD such that eventually it can no longer be partitioned (I have 1.1 TB of data on a 2 TB SSD, but it said there wasn't enough room to make a partition). Thus I had to make a volume for Ventura instead. And, sure enough, a day after I deleted the Ventura volume, some of my Finder sidebar elements went away. I tried to fix by rebooting, but got an error message with a question mark that told me to try doing first aid on everything. That didn't fix the problem, so ultimately I had to wipe the whole drive and start over. This time I set up a spare partition to start. That way when I want to try the next OS, I'll be able to put it into a separate partition.

Colstan · Apr 12, 2023

I'm a few days late on this, but it's time for your friendly reminder to update macOS. This time, there are only two exploits, but both are considered critical, because Apple claims that they are "aware of a report that this issue may have been actively exploited". The two patches are for flaws in IOSurfaceAccelerator and WebKit, both of which are patched in the latest supported versions of macOS and the iDevices.

It is notable that the update for macOS Ventura, 13.3.1, was released three days prior to the updates for Monterey and Big Sur, with the WebKit vulnerability being patched for the older versions in a separate Safari update.

Considering that Apple is now only patching roughly half of the vulnerabilities in Monterey and Big Sur relative to Ventura, and this latest three-day delay for older versions, I think is more indication that Apple is pushing for Mac users to install the most current version of macOS. It does make me wonder if, after the Intel transition is complete, Apple will move macOS updates closer to the iOS model of shepherding Mac users to almost exclusively using the latest version of macOS if they want the latest security patches. That hasn't historically been the case, but Apple has never officially promised two years of support for older versions, either.

Colstan · May 1, 2023

Y'all may have noticed that Apple just issued the first Rapid Security Response for iOS and macOS.

Apple has just released the first Rapid Security Response for Ventura

Apple has just released the first of its new Rapid Security Responses (RSRs) for macOS 13.3.1 Ventura. This is indicated as macOS Rapid Security Response 13.3.1 (a), and is just just over 300 MB to…

eclecticlight.co

RSR only applies to macOS Ventura, so users still on Monterey or Big Sur will have to wait for fixes, assuming they receive them. Earlier versions are now only getting about 50% of the patches compared to the latest release.

Colstan · May 18, 2023

This is probably the last time I'm going to do this, everyone here knows the score, and you don't need me to cajole you into updating. Unless something major occurs, I thank you all for listening, and hope that you stay safe in your computing endeavors. That being said, for your pre-WWDC pleasure, Apple has released the latest round of updates for all major platforms, including macOS Ventura 13.4 and Safari 16.5. The bug fixes are small, being a late-stage point release, but the security patches are numerous.

Compared to the previous versions, Ventura continues to receive nearly twice the number of fixes. Excluding the five patches for Safari, the number of vulnerabilities patched are as follows:

Ventura: 43
Monterey: 27
Big Sur: 24

As has been the case for some time, and backed up by Apple's own statements, only the latest version of macOS receives full security support.

Thanks again, stay updated, and as they say in Chicago: patch early, patch often!

Cmaier · May 18, 2023

Colstan said:
This is probably the last time I'm going to do this, everyone here knows the score, and you don't need me to cajole you into updating. Unless something major occurs, I thank you all for listening, and hope that you stay safe in your computing endeavors. That being said, for your pre-WWDC pleasure, Apple has released the latest round of updates for all major platforms, including macOS Ventura 13.4 and Safari 16.5. The bug fixes are small, being a late-stage point release, but the security patches are numerous.

Compared to the previous versions, Ventura continues to receive nearly twice the number of fixes. Excluding the five patches for Safari, the number of vulnerabilities patched are as follows:

Ventura: 48
Monterey: 27
Big Sur: 24

As has been the case for some time, and backed up by Apple's own statements, only the latest version of macOS receives full security support.

Thanks again, stay updated, and as they say in Chicago: patch early, patch often!

No. Keep doing it.

Colstan · May 18, 2023

Cmaier said:
No. Keep doing it.

Okay. I assumed folks wouldn't want me beating them over the head to update on an annual basis, but if it's useful then...

I will.

PSA: Why it's best to stay current with macOS.

Site Champ

Focused

Site Champ

Elite Member

Site Champ

Site Champ

Site Champ

Site Champ

Focused

Elite Member

Site Champ

Site Champ

Elite Member

Site Champ

Site Champ

Site Champ

Site Champ

Site Champ

Site Master

Site Champ

Similar threads