Last Week on My Mac: Apple Remote

It’s not unusual for Apple to fluff a significant macOS update, but it’s been a while since one went as badly wrong as Mojave 10.14.6 and its accompanying security updates.

Apple released these as a trio on 22 July. They’re important if officially ‘minor’ updates, as 10.14.6 is almost certainly the last version of Mojave, and Security Update 2019-004 is probably the last security update for Sierra. Users of older Macs which are unable to upgrade to Catalina or High Sierra, respectively, are therefore likely to be left running these until their Macs are finally retired.

Within a few hours, users of some MacBook Pro models reported that updating caused their Mac serious grief: when it went to sleep and tried to awake, the Mac suffered a kernel panic and automatically rebooted. Given that most MacBook Pro users put their Macs to sleep rather than shut them down, and sleep is the standard response to closing the lid, this was extremely serious.

Rather than telling users what was going on, Apple then removed the web pages offering the two security updates, although at first the download links apparently continued to work. For a week, until 29 July, those updates were unavailable from Apple, and any attempt to apply an existing copy of either to a T2-equipped model failed because Apple had also withdrawn the BridgeOS update which was required for that to complete.

At first, removal of the BridgeOS update suggested that this problem extended to the 10.14.6 update, which Apple continued to provide. However, further investigation suggested that the 10.14.6 update was unaffected by this problem with wake from sleep. Apple continued its silence, and didn’t even ‘leak’ any information to favoured members of the press.

When the two security updates appeared again on 29 July, we all assumed that the problems were over, and all three updates were now good to install. All hadn’t gone quiet on Apple’s update servers, with some (Al Varnell and Mr. Macintosh in particular) noting odd goings on, such as the 10.14.5 installer being silently replaced. Apple remained mum.

Then out of the blue on 1 August, Apple released Mojave 10.14.6 Supplemental Update. The only information about it which I can find is the vague statement:
“The macOS Mojave 10.14.6 Supplemental Update fixes an issue that may prevent certain Macs from waking from sleep properly.”

Given that for more than week, Apple had continued to provide the 10.14.6 update to all models of Mac, as far as we’re able to tell, this came as something of a shock. Examining the Supplemental Update also identified the four models which were affected, and required EFI firmware updates:

  • MacBookPro13,2 – MacBook Pro 13-inch 2016 with four Thunderbolt ports,
  • MacBookPro13,3 – MacBook Pro 15-inch 2016,
  • MacBookPro14,2 – MacBook Pro 13-inch 2017 with four Thunderbolt ports,
  • MacBookPro14,3 – MacBook Pro 15-inch 2017.

These models don’t have a T2 chip, but the earlier T1 which controls their Touch Bar. The revised security updates for Sierra and High Sierra also contain those same four EFI firmware updates.

Over this period, Apple has published three press releases. None of them concerns problems with these updates, nor explains why so many recent MacBook Pros were suffering kernel panics. As Apple doesn’t provide a list of new support notes, it’s almost impossible to discover whether it was mentioned in one, but I have been unable to locate any mention of the update saga, or warning to those MacBook Pro users that Apple had identified a problem.

Amazingly, these shenanigans seem to have slipped past the general Mac press too. Although the release of the 10.14.6 Supplemental Update is quite widely reported, most of the rest of this painful saga seems to have been ignored.

The evidence now points to the following:

  • EFI firmware updates released in macOS 10.14.6 and the two Security Updates 2019-004 were inadequately tested against the full range of Mac models, and those for the four MacBook Pro models identified above suffered a severe bug causing a kernel panic when waking from sleep.
  • Apple was unaware of these bugs until after releasing the three updates on 22 July 2019.
  • Shortly after many users had installed those updates, the high frequency of reports of kernel panics caused Apple to investigate, and to discover the cause.
  • Apple knew quite quickly which models were affected.
  • Instead of pulling all three updates immediately, Apple curiously only pulled the two security updates, leaving users of those models which were running Mojave continuing to install an update which could affect their Macs severely.
  • At no time did Apple attempt to warn users of those specific models of the problem, which it kept secret.
  • Apple fixed the bug in EFI firmware updates that were released in updated security updates on 29 July, but still took no action to inform users of affected models of the bug in the 10.14.6 update, nor of the intended release of a Supplemental Update.
  • When Apple finally released the Supplemental Update, it still failed to identify the affected models or to offer any form of apology to those users who had been affected by the bug.

As it happens, I don’t have any of the models affected. But I can well understand owners – many of whom have already had problems with their ‘butterfly’ keyboards – being incensed. This isn’t the Apple that we knew in the past.