hoakley November 4, 2019 Macs, Technology

What changed in Mojave 10.14.6 Security Update 2019-001?

I don’t very often look at what has changed in macOS Security Updates, but in the case of Mojave 10.14.6 Security Update 2019-001, I thought it might be both interesting and useful for the many who haven’t yet orphaned all their 32-bit apps and upgraded to Catalina.

Apple’s release notes are as terse as they come: according to those, this update “improves the security of macOS”. And that’s it.

The accompanying security release notes refer to fixes in AppleGraphicsControl, Audio, CUPS, File Quarantine, File System Events, Graphics, IOGraphics, two kernel bugs, libxml2, libxslt, manpages, PluginKit, and UIFoundation.

Looking through the bundled apps, I was surprised to discover that Photos has been updated, its build number incremented to 3461.7.150, with accompanying new builds of its supporting frameworks and iCloud support.

Going a bit deeper, the following items in /System/Library have also changed significantly in this Security Update:

several Assistant plugins
Siri app, its version rising to 146.15.4
Cloud Photos, with only a minor update
AMD Radeon driver KEXTs, which here have minor increments rather than the more substantial version changes in macOS 10.15.1, but there’s no sign of any support for Radeon 6000 series graphics cards in Mojave
Intel graphics driver KEXTs also have minor increments
APFS rises from version and build number 945.275.7 to 945.275.8
minor increments in many public and private frameworks
Python framework rises from 2.7.10 to 2.7.16
‘Speech’ (Siri) preference pane is updated to version 146.15.4.

The overall build number for this new version of macOS Mojave is now 18G1012.

Included with this update, but not mentioned anywhere, are firmware updates for all models with T2 chips, which in this case brings their firmware version numbers into alignment with those of T2 Macs which have been upgraded to 10.15.1. However, models which lack the T2 chip don’t have any firmware updates on this occasion, which leaves them 1-3 versions behind the same model which has been upgraded to Catalina.

For those with multiple boot disks, providing the option of starting up in Catalina or an older version of macOS, this can cause confusion. Once a Mac has been upgraded to Catalina, it then runs the newer firmware installed in that upgrade even when it’s booted from the earlier version of macOS.

Unlike the 10.15.1 update, the Security Updates for High Sierra and Mojave don’t include the concurrent update to XProtect data files, which has to be downloaded and installed separately if you’re running an older version of macOS.

15Comments

Add yours

1

alvarnell on November 4, 2019 at 8:54 am

“ Once a Mac has been upgraded to Catalina, it then runs the newer firmware installed in that upgrade even when it’s booted from the earlier version of macOS.”

You seem surprised by this? Once EFI firmware has been updated on the motherboard, I wouldn’t expect it to then be downgraded when booting to a lesser OS.

LikeLiked by 2 people
- 2
  
  hoakley on November 4, 2019 at 9:00 am
  
  Thank you.
  No, I’m not surprised, because that’s how firmware works. However a lot of users seem to assume that firmware is merely loaded from disk. When they try out, for example, a public beta of Catalina, which brings a firmware upgrade, they assume that removing that and returning to Mojave somehow reverts the firmware that they’re running.
  In this context it’s an important fact to bear in mind, as it may explain why the firmware in your Mac is more recent than the version of macOS, thus apparent discrepancies shown by utilities such as SilentKnight. I have had several questions about this!
  Howard.
  
  LikeLike
  - 3
    
    Javier Gallardo Vía on November 4, 2019 at 7:48 pm
    
    I’m very interested in this fact that I already knew, but comes to mind thanks to your remark. It’s important to me, as I’m planning to make a bootable external copy of my iMac running Mojave (and a few 32bit apps I need), and upgrade later to Catalina as main system. So, I could start from external Mojave just to use some apps; I need them a dozen times a year, but I do need them.
    This changes things…
    It seems -by reading your article- that consequences are unknown; Mojave could start, or it couldn’t.
    Or, is this an anomaly, and we must wait for a firmware levelling in next updates?
    This is getting itchy, as I’m quite happy on Mojave, but all my iOS devices are pushing me to Catalina!
    What happened in the past? Was firmware up to date in macs? (as it was perfectly possible to use two different systems).
    Thank you.
    
    LikeLiked by 1 person
    - 4
      
      hoakley on November 4, 2019 at 7:59 pm
      
      This article gives a bit more background. It is unusual for Macs running different supported versions of macOS to have different firmware versions, and I had been expecting Apple to bring them into sync. It may well do that still.
      I and many other Catalina beta testers ran dual-boot systems with Mojave and Catalina beta, which had updated firmware but ran Mojave just fine. So I don’t know of any reason that shouldn’t be able to do that now except for Apple’s Mail, which doesn’t search well across the versions of macOS, apparently. I’d also be very wary about running Time Machine backups from both – that could cause problems.
      But to be able to boot occasionally from Mojave to run some old 32-bit apps, it should be fine. The alternative is to set Mojave up in a Virtual Machine, using VMWare or Parallels Desktop – that works well, although some old apps like Aperture won’t install in a VM, apparently.
      Howard.
      
      LikeLike
  - 5
    
    Javier Gallardo Vía on November 4, 2019 at 8:47 pm
    
    Thank you very much indeed for your clarifying answer.
    Of course, not having deep knowledge about this things, I’m enough sensible to plan having just an isolated system to run those few apps. Having to deal with whatever kind of syncing could drive to problems for sure, prefer to be cautious. (Just a backup of that drive and occasional updates checks should be its only connection with outer world… 🙂
    Javier.
    
    LikeLiked by 1 person
  - 6
    
    JamesS on November 6, 2019 at 4:23 am
    
    The firmware on a mac with a T2 chip is much more complicated, the T2 is its own processor running its own operating system (bridgeOS).
    
    But specifically, one of the new security functions of this chip is the secure boot that is performed to validate the installed operating system. One step of this validation is to prevent the installation of older copies of macOS.
    
    LikeLiked by 1 person
    - 7
      
      hoakley on November 6, 2019 at 6:17 am
      
      Thank you.
      I’m not sure what you mean by “older copies of macOS”. The user controls the level of Secure Boot which takes place, and can turn it off completely, allowing that Mac to boot from an external drive, for example.
      The Secure Boot process is described in this article here, and here by Apple. As fully updated copies of High Sierra, Mojave and Catalina all boot off the same version of bridgeOS (or iBridge), the same firmware will boot three different versions of macOS. I don’t think that any T2-equipped Macs can boot from Sierra anyway, so those Macs can boot from properly installed and updated versions of any of three versions now.
      Howard.
      
      LikeLike
8

Valdo on November 5, 2019 at 3:41 pm

Hello,
I have no idea if my recent “discovery” has to do with Catalina, but is very strange.
I use iCloud to sync my Notes, Contacts, Passwords and Calendar through 3 devices.
After a quite long time today I logged into the iCloud through the web access to find out that the Calendar is empty. On all my 3 devices the Calendar is filled, nothing missing.
Something went wrong or I misunderstood something?
The content of Notes and Contacts is there… Help please.

LikeLiked by 1 person
- 9
  
  hoakley on November 5, 2019 at 3:48 pm
  
  Thanks.
  If the Calendar items don’t show up soon in the Web service, you should contact Apple Support. There’s nothing that you can do to fix the iCloud web service, although it may be a service problem.
  I wish you success,
  Howard.
  
  LikeLike
10

Valdo on November 5, 2019 at 4:00 pm

Thank you Howard, but where I find the email contact to support?

LikeLiked by 1 person
- 11
  
  hoakley on November 5, 2019 at 4:02 pm
  
  The best thing is to download the iOS app from the App Store.
  Howard
  
  LikeLike
12

Jasen on December 27, 2019 at 12:05 am

After the updated installed, i have lost all access to my localhost stuff i was working on… Anyone know why?

can I uninstall the update? the mac does not have time machine turned on…

LikeLiked by 1 person
- 13
  
  hoakley on December 27, 2019 at 7:19 am
  
  Sorry, you can’t uninstall a security update, only revert to a pre-update snapshot or restore from a backup.
  I suspect that something in your Mac’s settings got changed with the update – you’ll need to check through them carefully.
  Howard.
  
  LikeLike
14

meeubanks on December 27, 2019 at 12:06 am

After the install of the update which took a long time, i have lost all access to any localhost i was running.

i can ping them and it shows no data loss, but i can not view the sites in any browsers.

LikeLiked by 1 person
- 15
  
  hoakley on December 27, 2019 at 7:20 am
  
  Have you tried restarting your Mac?
  Howard.
  
  LikeLike

·Comments are closed.

Share this:

Related