Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Make Sure to Update: iOS 18.1.1 and macOS Sequoia 15.1.1 Fix Actively Exploited Vulnerabilities
- Thread starter MacRumors
- Start date
- Sort by reaction score
I used screen sharing from my M1 MBP to my M4 mini yesterday to apply this update. Went fine and I reconnected without any issues.
However, when I actually tried to use my M4 mini directly, I couldn't see how to tell it to use the monitor and respond to keyboard and mouse.
Anyone know if there is a way of taking over a machine while it is sharing screen?
(Not a big deal, I just went downstairs and disconnected. But I'd like to know if there are any other options.)
However, when I actually tried to use my M4 mini directly, I couldn't see how to tell it to use the monitor and respond to keyboard and mouse.
Anyone know if there is a way of taking over a machine while it is sharing screen?
(Not a big deal, I just went downstairs and disconnected. But I'd like to know if there are any other options.)
So does this mean you're screwed if you're still on an Intel based Mac that can't be updated?
support.apple.com
techcrunch.com
About the security content of macOS Sequoia 15.1.1 - Apple Support
This document describes the security content of macOS Sequoia 15.1.1.
Apple says Mac users targeted in zero-day cyberattacks | TechCrunch
Apple said the security update for Macs, iPhones, and iPads is "recommended for all users."
techcrunch.com
Funny how that works, an update to protect against active exploits with no bug fixes listed.
an attacker's ability to run any commands or code of the attacker's choice on a target machine
Arbitrary code execution - Wikipedia
en.wikipedia.org
I even forgot about those. But I only remember 1, maybe 2 tops.
At least on Sequoia under software updates, there is the option to turn on/off the "Install security responses and system files". I do have that option on, but have all other auto updates off. But I haven't ever received any notification that anything has ever been updated through it that I know of.
So unless it's completely silent in the background, it may not be that Rapid Security Response as it was before? I would absolutely still like to know when something is silently updated in the background, security included. So if this is the case, they should definitely add a notification for it.
Anyone know if this is the same?
So does this mean you're screwed if you're still on an Intel based Mac that can't be updated?
About the security content of macOS Sequoia 15.1.1 - Apple Support
This document describes the security content of macOS Sequoia 15.1.1.
Apple says Mac users targeted in zero-day cyberattacks | TechCrunch
Apple said the security update for Macs, iPhones, and iPads is "recommended for all users."
Apple doesn't provide enough information to tell. Right now we know three things:
1) There were bugs in WebKit that allowed among other things arbitrary code execution -- we don't know when those bugs were introduced
2) These vulnerabilities were likely discovered back in June or earlier
3) These were known to be exploited against someone who used an Intel-based laptop
We can also infer from whom was involved in detecting and reporting the issue that the person whose computer was infiltrated was likely being targeted by a nation state-back group or similar. That is to say this was not a script kiddie / automated worm type attack.
Depending on 1), these bugs could have been introduced in the WebKit version used in Ventura or it may date back to Safari 4/5/etc versions.
Until now it is unlikely many people knew about the vulnerability in order to exploit it and similarly if you are not a targeted individual it has been a low risk to you. That will likely change as others now know what to look for and will likely reverse-engineer the exploit and share it among all their cybercriminal friends.
While this vulnerability was exploited against someone with an Intel-based laptop, this bug was in the code shared across ARM as well as Intel-based system including iOS, iPadOS, VisionOS, and MacOS for Apple Silicon code. Unless there are additional hardware protections on those platforms and Apple's use of them there then mitigates/neutralizes this attack, they are also as vulnerable to future attacks as Intel-based systems.
The two differences are a) no one has proven a successful attack with this bug so far against an ARM-based system and b) no AVP nor Apple Silicon Macs have been dropped from the OS. As such depending, iPhones and iPads that can't be upgraded to iOS/iPadOS 17 may be just as "screwed" as those with Intel-based Macs that can't be updated. The situation there is actually worse as those people can't use an alternate browser with a fixed/alternate WebKit.
The two lessons from this should be:
1) We should be allowed to install alternate web engines on iOS, et all
2) If you are running an older macOS, always take advantage of this by running the latest version of alternate browsers that are still being patched for security (e.g. Firefox back to 10.12 and Orion back to 10.14).
Apple should force them for the sake of usability and security for their users.
Glad to see iOS 17 is being patched. My spouse refuses to update to iOS 18 because of the terrible changes to the photos app.
Which is, of course, demonstrably untrue, since macOS 13.7.1 released on October 28th, 2024. Does macOS 13 have the bug?
I don't update because I haven't seen anything about whether there are irrevocable changes to any Apple infrastructure items. Both my iMac and my MBP are staying on Ventura for the forseeable future, and all I need is for the phone to try to upgrade something related to my AppleID and break things.
But Apple just has to be a nag. I installed 17.7.1 and the "please update to iOS 18 nag went away", and stayed gone. Now I've installed 17.7.2 and the 'please upgrade nag' is back.
There is an update to Safari 18.1.1 to address the vulnerability in 13.x and 14.x.
Of course, we all know that, I was talking about Monterey macOS 12 which is the latest I can officially run.
Clear now that it was just a typo but it was just confusing because you wrote older than macOS 14 instead of macOS 13.
In any case, we just don't know if Monterey's Safari is vulnerable. Someone who follows WebKit development and understands the bug this fixes and where the code it fixed was introduced could determine if macOS 12's Safari/etc is vulnerable but not being patched or if macOS 12's Safari/etc wasn't vulnerable to begin with. Unfortuantely, it seems unlikely someone who could do that analysis is going to share their findings widely.
Then for that and reasons like that, I avoid Safari when running on any no-longer-patched macOS.
This is still a valid question for MacOS 14.x The notes on that Apple Security Releases page are only talking about this new exploit for 15.x plus iOS 17+18. The last security patch for 14.x was in late October. So does this new exploit affect Sonoma or nah?
The Safari 18.1.1 update addressed the same vulnerabilities and was released for Ventura and Sonoma at the same time as the Sequota, et all fixes. The root of the bugs was the Webkit versions used in at least Ventura (macOS 13.x) through Sequoia (macoS 15.x) as well as those versions of iOS, etc. At this point we don't know which version of WebKit were vulnerable and therefore which earlier versions of macOS, iOS, etc, if any, were also vulnerable.
Speaking of nags, I notice now that iOS 18’s music app nags me with songs that I purchased on iTunes. It now shows (under the songs) “More by (artist name)” “featured on” and “you might also like.” No way to turn it off, and it only appears on songs that I bought on iTunes— which makes me less inclined to buy songs on iTunes going forward because I really don’t want to see this crap. I understand that some people might consider this a feature, but to me, it just cheapens the experience making my music now feel like a constant upsell.
