hoakley November 14, 2020 Macs, Technology, Updates

Apple updates for every Mac: a summary of the last days

From Thursday 12 November Apple released a succession of important updates and upgrades for macOS. These were complicated by the fact that from around 1800 UTC on 12 November, for a period of 6 hours or so, Apple’s software update servers weren’t working normally, and for many users returned errors. To help you catch up with what was released, here’s a quick summary of each update.

macOS 11.0.1 Big Sur

Although there have been a few reports of problems during installation, once Apple’s servers were working properly this 12 GB upgrade seems to have rolled out quite smoothly to Intel Macs. Apple has published a very long list of all the security fixes in 11.0.1, and this list of its ‘enterprise’ changes.

Apple’s new M1 Macs, when they arrive, will require immediate update from macOS 11.0 which they’ll ship with, at least for the time being, to bring them up to 11.0.1. This is particularly important to be able to restore sealed copies of the System volume.

Firmware versions have changed across most if not all Macs which have been updated to 11.0.1. Apple Silicon Macs should now be running iBoot 6723.50.2; as they don’t have EFI firmware, that should be shown as the firmware version on some models. For those receiving early bird M1 models, I will be updating SilentKnight and LockRattler again to ensure that they work properly with new iBoot versions.

Intel Macs with T2 chips which have been upgraded to Big Sur should show a firmware version of 1554.50.3.0.0 iBridge 18.16.12561.0.0,0.

Because of these changes, I intend compiling a new page giving firmware version numbers for Macs of both species running Big Sur. This will take me a little while to assemble, though. For the time being, those using my free tool SilentKnight will see their newer firmware versions being reported in green, but with the newer number. SilentKnight is designed to accept that, as it often occurs in systems with beta-releases installed. It will only complain when the firmware found is older than that expected according to its database.

Security data updates

XProtect 2135 brings some small changes to its detection signatures, as detailed here. MRT 1.72 was pushed at the same time; versions 1.70 and 1.71 were never released publicly.

Gatekeeper version numbers are behaving strangely in Big Sur, and seem to be determined by the version installed by the previous system. On a Mac which has never run any version prior to Big Sur (including its betas), it can remain as low as 94. However, systems which have been updated from Catalina and earlier uniformly show 181. I have now changed the value in the database used by SilentKnight to 181. If you have a Mac which still shows 94, don’t be worried, as it looks as if this database is now unused anyway.

Other general updates

Safari 14.0.1 was released on 12 November, and should be pushed via Software Update.

Pro Video Formats 2.2.0 was also released on 12 November, and pushed via Software Update.

macOS 10.15.7 Supplemental Update

Apple has finally posted the standalone installer versions of this recent SU. The Combo version and smaller Delta version are both available now, and were posted on 11 November.

Security Updates for older macOS

Mojave and High Sierra Security Update 2020-006 were made available on 12 November through Software Update. Their accompanying security release notes are here, and include two of the kernel vulnerabilities and the font parser bug already fixed in Catalina. Standalone installers are available:

here for High Sierra,
and here for Mojave.

As these are essentially the same fixes already supplied in 10.15.7 Supplemental Update, there’s no matching security update for Catalina.

This is expected to be the very last security update which Apple provides for High Sierra.

Other service failures on 12 November 2020

Thursday’s software update service failure was accompanied by other service failures, including iMessages, OCSP (at ocsp.apple.com) which caused widespread inability to launch apps, even the Developer Documentation service. And it wasn’t even Friday 13th.

(Updated 23 November 2020 with links to standalone security updates.)

17Comments

Add yours

1

Bryan Christianson on November 14, 2020 at 8:33 am

“And it wasn’t even Friday 13th.”

It actually was Friday 13th here in the antipodes when Big Sur was released at 7:30am.
I started a download with installinstallmacos.py at about 8:30 am. The first 2GB of the update came through very quickly, and then about 8:45 am it turned up it’s toes. I updated to the most recent version of the script (I saw it had been patched) but it still wasn’t working. At that point I gave up and waited until today when it worked as expected.

LikeLiked by 1 person
- 2
  
  hoakley on November 14, 2020 at 9:46 am
  
  Thank you.
  Howard.
  
  LikeLike
3

alvarnell on November 14, 2020 at 10:29 am

Last time I checked, the delta and combo macOS 10.15.7 Supplemental Updates were reversed on their respective Download pages. Don’t know that that has been fixed yet.

LikeLiked by 1 person
- 4
  
  hoakley on November 14, 2020 at 10:32 am
  
  Thank you. I have just checked and they do appear to be correct now.
  Howard
  
  LikeLike
5

josehill on November 14, 2020 at 3:55 pm

A lot of Macs also received a separate ‘macOS Supplemental Update- ‘ without an explicit version number in the last 48 hours. According to Jeff Johnson, the update “fixes 32-bit audio apps crashing on launch, which was caused by the ‘Mobile Device’ update for iOS 14.”

I’ve seen the update on several Macs, including an older system running macOS 10.12.6 Sierra, though I haven’t had the chance to inspect the specific packages that were installed. https://twitter.com/lapcatsoftware/status/1327284761879060482

LikeLiked by 1 person
- 6
  
  hoakley on November 14, 2020 at 5:21 pm
  
  Thank you.
  Have you inspected it using my free SystHist, which lists all the BoM contents?
  My 10.15.7 system here received a silent update on 11 November which contained what looks much like that update. So Apple has probably been rolling it out over the week. It was also invisible to softwareupdate and SilentKnight, but detailed in SystHist. It’s not uncommon.
  Thankfully no malware developer has yet worked out how to how exploit Apple’s complete silence on such updates, which must drive sysadmins crazy.
  Howard.
  
  LikeLike
  - 7
    
    josehill on November 14, 2020 at 9:09 pm
    
    I’ve had the chance to look at the installed packages. The packages in question are updates to the “Mobile Device on Demand” software that allows Macs to work with mobile devices and iOS versions that are newer than the installed version of macOS.
    
    Interestingly, the “Mobile Device on Demand” software normally is delivered through an unusual update dialog in iTunes that appears after connecting an iDevice and tends to confuse many users, but this time, they were delivered through the normal softwareupdate mechanism and (IIRC) visible in SilentKnight, at least on Mojave and earlier.
    
    Using “softwareupdate -la –include-config-data”, the update appeared as “macOS Supplemental Update- ” (including the dash and trailing space). The update is listed in the Apple Software Catalog as “MobileDeviceSU2.smd” containing “CoreTypes” and “MobileDeviceSU2” packages.
    
    PS. Thanks for SystHist. It’s a very convenient tool.
    
    LikeLiked by 1 person
    - 8
      
      hoakley on November 14, 2020 at 10:23 pm
      
      Thank you.
      That’s interesting, because my update (10.15.7) came through and auto-installed even though I have Install system data files and security updates turned off in Software Update. Neither do I recollect seeing it in SilentKnight, although I check with that several times a day. Maybe Catalina bypasses its own controls.
      Howard.
      
      LikeLike
9

Rob Menke on November 14, 2020 at 4:57 pm

The 11.01 update fixed cloning the System Volume. CCC also released an update and it works – so happy cloning.

What they didn’t fix is the iMac 17,1 firmware update issue – still stuck at 170.

LikeLiked by 1 person
- 10
  
  hoakley on November 14, 2020 at 5:46 pm
  
  Erm, I’d hold your horses just a second on that one. Yes, Mike Bombich and Dave Nanian have confirmed that 11.0.1 appears to fix the bugs in asr, which isn’t about cloning but restoring the new SSV in Big Sur. The last that I saw both cautioned users, as their products have to undergo proper testing cycles before they can release updates which can restore the SSV from a clone. Both advise not upgrading to Big Sur until they have tested and shipped further updates which can restore the SSV.
  Howard.
  
  LikeLike
11

antbee on November 15, 2020 at 2:31 am

So far, as of 22:22 AST, I have not seen nor can find a Safari 14.0.1 update, nor is it showing up when checking software update. The only update still showing for me is Big Sur, and I am waiting to do that, so I still have Garageband showing in the App Store as an update as well.

Thank you kindly for all you do, Howard. I just discovered your blog and it’s very useful and helpful information and software. I was also quite surprised to see so much art included on your blog, and especially excited to see so much interest in the Pre-Raphaelites. I had a partner who loves their paintings, and I fell quite hard for them, too, once he had shown me some of them.
I am going to keep exploring, as I love history, art and mythology, of which I have caught glimpses.
Thank you, again!

LikeLiked by 1 person
- 12
  
  hoakley on November 15, 2020 at 9:12 am
  
  Thank you.
  Howard.
  
  LikeLiked by 1 person
13

antbee on November 15, 2020 at 6:45 pm

You’re welcome, Howard!

LikeLiked by 1 person
14

lestertwice on December 3, 2020 at 4:29 pm

I upgraded from Sierra to High Sierra (10.13.6 build 17G14042) on November 30 and installed updates from App Store on next day. The apps I had purchased from App Store didn’t launch anymore and it looks like Apple made a mess with Security Update 2020-006 (at least High Sierra installations preceding November 11 seem not to be affected). I applied a temporary (?) fix posted by a user on a long Apple Discussion:
https://discussions.apple.com/thread/252037712

I’m referring to this post:
https://discussions.apple.com/thread/252037712?answerId=253982289022#253982289022

Another among several:
https://discussions.apple.com/thread/252123530

I have another issue with Finder hanging on first command I use (both click or shortcut) after logging in and many “Failed to set up CFPasteboardRef ‘AppleInputSourcesInUIOrderPasteboard’.” log entries but that’s most likely another kettle of fish.

LikeLiked by 1 person
- 15
  
  hoakley on December 3, 2020 at 11:21 pm
  
  I’m sorry to hear that. Have you contacted Apple Support?
  Unfortunately I’ve not run High Sierra here since the release of Mojave, so don’t have anything that I can look at.
  Howard.
  
  LikeLike
  - 16
    
    lestertwice on December 4, 2020 at 2:23 pm
    
    I think Apple knows about issues with latest security update and I feel it will ignore it, maybe patch it silently in a near future (but I wouldn’t be that confident). As for Finder issue it’s more obscure, I’m taking exact timestamps and checking with Ulbow but didn’t find anything suspect so far. Only my account is affected but the Finder hangs even starting up in safe mode. I’ll keep investigating.
    
    LikeLiked by 1 person
    - 17
      
      hoakley on December 4, 2020 at 5:48 pm
      
      Apple may know, but how many calls has it logged?
      – 1 caller = OK, try the usual panaceas
      – 10 callers = maybe we should escalate this
      – 100 callers = maybe someone in engineering will get round to looking at this sometime
      – 10,000 callers = best inform engineering this might need looking at
      – 1,000,000 callers = we need to fix this
      – 10,000,000 callers = get an engineer quick.
      If you don’t report it to Apple, they don’t know the scale of the problem.
      Howard.
      
      LikeLike