Apple has released Big Sur 11.2.3 (updated)

Apple has this evening released yet another ‘patch’ update to Big Sur, bringing it to version 11.2.3. This contains “important security updates” which Apple recommends for all those using Big Sur.

It’s 2.44 GB for Intel Macs and 3.37 GB for M1 Macs, and even on a fast iMac Pro here takes around 25 minutes to install, in addition to download and 15 minute preparation time. M1 Macs still have to download the first 1 GB or so of the update direct from Apple’s servers, and only benefit from a Content Caching Server for the remaining 2.4 GB or so of the update.

According to Apple’s security release notes, this contains a single fix for a vulnerability in WebKit.

This update downgrades your MRT installation from version 1.75 to 1.72, which was originally pushed as an update on 12 November 2020. If your Mac doesn’t get a pushed update to restore 1.75 fairly quickly, you may need to run SilentKnight or LockRattler to install the correct version of MRT.

This update is already available as a full installer via
softwareupdate --list-full-installers
and Apple still lists 11.2.1 and 11.2.2 there too.

It’s also already available as an IPSW file for restoring M1 Macs in DFU mode, via Mr Macintosh, of course.

There’s still no sign of any form of standalone updater, other than the full installer itself.

The security content of this update has been provided to those still using Mojave and Catalina in the form of a Safari update. Some get all the luck.

Big Sur 11.2.3 does update a lot of Safari and WebKit components. There are no changes in the version or build numbers of any of the bundled applications, in which I don’t include Safari, as I explain below. However, there are changes in the following:

  • Several AppleIntel Graphics kernel extensions, which increment from version 16.1.11 to 16.1.12.
  • ImageIO framework, which has a single point increment in build number to 2130.3.5.
  • JavaScriptCore framework, which has a small increment in build number to 16610.
  • SafariServices framework, which has the same small increment in build number.
  • WebKit framework, which has the same small increment in build number.
  • Several Safari frameworks, which have the same small increment in build number.
  • WebDriver and WebInspector private frameworks, with the same incremented build number.
  • Safari-related templates, with the same incremented build numbers.

Safari itself now shows the same version number (14.0.3) with the common build number of 16610. which it shares with its components, as noted above.

In Big Sur, Safari itself is installed on the Data volume, not the SSV, but most if not all of its supporting frameworks and other immutable files are stored on the SSV. This division was originally intended to ensure that updating Safari itself in Catalina didn’t require long and complex installation. Unfortunately for Big Sur users, in this case the changes required to address the security vulnerability have been in those immutable files protected by the SSV, making installation considerably slower and more complex.

The minor updates in AppleIntel Graphics kexts and the ImageIO framework appear unrelated and undocumented.

[Updated 0740 UTC 9 March 2021 with final details for Safari.]