Apple has just released the first update to macOS Mojave, version 10.14.1. It’s a large update, over 3 GB in size, although as usual information on what has changed is limited. This does introduce Group FaceTime, which wasn’t ready for the initial release of 10.14 just over a month ago, together with support for over seventy new emoji characters. I’m sure that they alone don’t account for the size of the update, though. Apple’s ‘release notes’ are here.
Security fixes are significant: these include improved input validation in afpserver, fixing a vulnerability in CoreCrypto, fixes for EFI firmware, several kernel bugs, ongoing issues in speculative execution, multiple issues in Ruby (Sierra only), and bugs in security (one reported by Patrick Wardle). A fuller list is here. There is no mention of the two vulnerabilities discovered in the TCC privacy protection system though.
There are plenty of security fixes in that list for Sierra and High Sierra as well as Mojave, making these important updates for all Macs running macOS 10.12.6 and later.
Existing users of Mojave should update through the Software Update pane. A standalone update package (.dmg) for Mojave 10.14 is now available from here.
Sierra and High Sierra Security Updates should be available through the (old) App Store as usual. Standalone updaters are available from here for High Sierra, and from here for Sierra. This is Security Update 2018-002 for High Sierra, although the Security Notes refer to it incorrectly as 2018-001, and 2018-005 for Sierra.
Updated 2210 30 October 2018 with details of standalone updaters.