How SilentKnight came about, and how it knows – most of the time – which version of XProtect and other security data your Mac should be using.
softwareupdate
Has Apple inadvertently released the full installer for macOS Sequoia 15.7.5? It’s only available as a full installer, not an update, but it’s real.
What to do when you know there’s an update available, but Software Update pretends that it can’t find it. With details of undocumented options for softwareupdate command and more.
When the architecture of macOS switched to the Signed System Volume in Big Sur, it brought major changes in how macOS is updated, as detailed here.
After logging in, macOS may check for system software updates, run an initial Time Machine backup, and run XProtect Remediator scans. This is how those happen.
Until Sequoia, it was simply downloaded and installed as any other software update. Since then it has changed frequently and its behaviour can now confuse.
Three XProtects, and one of them installed in two different locations. How they’re updated, and how you can ensure your Mac keeps up to date with them.
I had left my Mac running near midnight. Next morning it had shut down in the middle of an unwanted macOS update. Here’s how macOS went against my express settings.
iCloud is now used for key services including notarization checks. For XProtect updates, it should be quicker and simpler, so long as you mind the pinniped.
There are no changes for Sonoma and earlier macOS, and Sequoia 15.0-15.1.1 will also continue working as before. But 15.2 and later work differently, as explained here.
The Eclectic Light Company 