Last Week on My Mac: How can you tell whether your Mac is up to date?

One obvious answer to this question is to open About This Mac, where you can see the version of macOS that it’s running, but that’s just a part of the full answer. It doesn’t tell you whether its firmware is up to date, or anything about its essential security systems like XProtect, MRT, and the new addition XProtect Remediator. The assumption is that, if you follow Apple’s guidance with automatic updates enabled, when Software Update reports your Mac is up to date, then everything is hunky dory.

Until the beginning of June, that doesn’t seem to have been a dangerous assumption for the great majority of those using the current release of macOS. There have always been sporadic reports of Macs which are woefully out of date for certain components including those security systems, and El Capitan had a bug in its software update mechanism which could unintentionally block updates. But from Sierra onwards the great majority of Macs seem to have worked well in auto, until early June this year.

Over that period, there have been other changes. Many now have more than one Mac, together with iOS and iPadOS devices. Most have come to use iCloud a great deal, and a significant number rely even more heavily on it for multiple services. For Apple’s balance sheet these have all been healthy changes, as its revenues and profits have steadily risen.

Since Apple unbundled its Content Caching service from its moribund Server product in High Sierra, its use has steadily grown. Promoted by Apple as helping to “reduce internet data usage and speed up software installation on Mac computers, iOS and iPadOS devices, and Apple TV”, for most users it’s a cinch to set up and run. And, until early June this year, it has been thoroughly reliable for most of those who have enabled it.

I don’t know what changed in early June, as it could have been something in Monterey 12.4 or in Apple’s software update servers, but since then those security updates that used to install fine haven’t been working properly.

In my case, as with many, when any of my Macs tries to download and install security data updates from my Content Caching server, they fail to install. Disable that server, so those Macs are forced to connect direct to Apple’s servers, and the same updates install first time, without error.

I know all this because I’m crazy enough to study these software updates in detail, have written apps to take better control of them, and tell others when Apple releases updates. If I did none of these, I’d probably still assume that, whatever security updates Apple has pushed, they were all promptly installed on each of my Macs, thanks to my Content Caching server.

This is because, as a matter of policy, Apple doesn’t inform users when it pushes security data updates, nor does it reveal their current versions, nor is it easy to discover whether anything is wrong with the software update process. Unless you use third-party software and sites like this, your Mac(s) could have failed to install every one of the six security updates pushed by Apple since problems started in early June, and you’d be none the wiser.

I don’t believe that Apple really wants us to fall so badly out of date for security data updates. Its engineers have invested their effort into adding new malware detection signatures to XProtect’s Yara file, and even more to deliver its brand new tool XProtect Remediator, which alone has been the object of four of those six security updates. If they installed successfully.

Until a couple of days ago, I believed these problems installing updates were confined to those using a Content Caching server. Then I came across a Mac user who hasn’t used it, but whose XProtect Remediator had fallen two updates behind, and who had only learned of this through this site. If they had relied on the information unprovided by Apple and their Mac, they would presumably have remained in blissful ignorance.

Over the last few years, Apple has invested heavily to ensure that Mac users are provided with excellent security protection. This started with a campaign to ensure that the firmware in Macs was more uniformly up to date. Its engineers have recast the System into a mounted snapshot, every bit of it sealed by hashes and signed at the top. It has developed a new tool to improve the detection and remediation of malware. But the final link in delivery, ensuring that those updates are installed, is letting the whole system down.