Login

Register

Login

Register

| Apple MacOS 10.15.5 Release: MacBook’s Surprising Problem | #iphone | #ios | #cybersecurity | #informationsecurity


June 4th update below, post originally published June 1. 

Last week saw Apple release MacOS Catalina version 10.15.5; a surprising move so close to the Virtual WWDC later this month and the expected announcement of MacOS 10.16. Nevertheless Tim Cook and his team pushed out the update with a number of security updates, and the addition of the battery health software.

The surprises keep on coming, with a ‘supplemental release’ today of 10.15.5 with ‘important security updates’.

Update June 2: It looks like Apple is far from done with MacOS Catalina. Not only has this week seen the supplementary update to the desk-bound operating system, but the MacOS development team have released a beta version of MacOS 10.15.6 to developers and those signed up to the beta program.

At the moment Apple’s release notes echo the now familiar ‘bug fixes and improvements’ in the package. No doubt there are other changes in the code, and a closer examination will no doubt reveal Apple’s net steps with the platform.

With Apple’s virtual WWDC coming up on the horizon, we may hear more on the new features by the end of the month. Or it could be more preparatory work that will allow MacOS to run on the current Intel processors and the upcoming inclusion of ARM processors on the Mac platform.

June 4th update: Following the release of MacOS 10.15.5 (and the snap release of the supplemental update for security issues), Mac owners are encountering some issues when they come to install the update. These include screen flashingexcessive install times, and kernel panics

Pieter Herman has noted some immediate first aid if your installation is broken but the main advice from Herman, and one that I fully endorse, is simple.

Remember to back up your Mac before you install any update to the operating system. That will allow you to easily roll back to the previous version of MacOS if needed.

Apple’s support pages offer more details on the 10.15.5 changes, which have been made to the kernel:

  • Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.5
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory consumption issue was addressed with improved memory handling.
  • CVE-2020-9859: unc0ver

The nature of the changes and the inclusion of MacOS High Sierra suggests that either something has slipped through the quality control net, or a serious exploit has come to Apple’s attention in the last few days. 

Speculation will no doubt fall on the ‘Sign In With Apple’ flaw which saw Apple pay a $100,00 bounty. Forbes’ Davey Winder:

“With the vulnerability already now patched by Apple on the server-side, Bhavuk Jain published his disclosure of the security shocker on May 30. Although the vulnerability related only to third-party apps which used Sign in with Apple without taking any further security measures, it’s shocking for two reasons.”

Those reasons being the breadth of the attack and what it could open up to a hacker, and Apple’s inability to catch this flaw during testing.

Now read more about the main release of MacOS Catalina 10.15.5…

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

.  .  .  .  .  .  . .  .  .  .  .  .  .  .  .  .   .   .   .    .    .   .   .   .   .   .  .   .   .   .  .  .   .  .





Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
HACKER FOR HIRE MURDERS
 

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW