Apple releases macOS 12 Monterey, iOS 15.1, watchOS 8.1, and more

Posted on October 27th, 2021 by Jay Vrijenhoek

This week, Apple released its newest Mac operating system, macOS 12 Monterey, along with updates to its other operating systems. We’ll take a look at what these updates have to offer in terms of security patches, while briefly covering new features.

macOS Monterey 12.0 and 12.0.1

Apple’s latest Mac operating system is available for Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), and iMac Pro (2017 and later).

Some of the new features in macOS Monterey:

  • FaceTime SharePlay enables you to share and enjoy content with friends while on a FaceTime call
  • Content sent to you over Messages automatically appears in a new Shared with You section within the most relevant app for that content, so you can find and enjoy it whenever it’s convenient for you. Shared with You will be featured in Photos, Safari, Apple News, Apple Podcasts, and the Apple TV app.
  • Safari tab groups, new privacy protections and forced HTTPS connections
  • And more

You’ll recognize some of these features as they were introduced in iOS and iPadOS 15 in September. It’s nice to finally have these on the Mac as well!

Unfortunately, not every advertised feature of macOS Monterey is available on every Mac that can run Monterey. To read more about this, have a look here.

Monterey includes a large number of security patches across the 12.0 and 12.0.1 updates. Note that 12.0 shipped on some new Macs, while 12.0.1 was the public release. Apple issued a single document describing the security contents of both together. Whether you’ve just finished unboxing your new 14″ M1 MacBook Pro or are upgrading an older Mac, you’ll be presented with the 12.0.1 update.

At least 50 security-related issues are resolved in this update. A handful of interesting ones include:

Bluetooth
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.

iCloud
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.

Login Window
Impact: A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS
Description: This issue was addressed with improved checks.

Sandbox
Impact: A local attacker may be able to read sensitive information
Description: A permissions issue was addressed with improved validation.

SoftwareUpdate
Impact: A malicious application may gain access to a user’s Keychain items
Description: The issue was addressed with improved permissions logic.

zsh
Impact: A malicious application may be able to modify protected parts of the file system
Description: An inherited permissions issue was addressed with additional restrictions.

The zsh vulnerability (CVE-2021-30892) was reported by Jonathan Bar Or of Microsoft, who wrote about it at length in a Microsoft blog post: Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection.

The patches listed above, and several others, are important enough that you should install this update as soon as possible. For the full list of security patches included in Monterey 12.0.1, have a look here.

If you’re curious which patches were for macOS Monterey exclusively and which are available on Big Sur and Catalina, Intego’s Chief Security Analyst, Josh Long, has compared them in this tweet:

You can get this update by going to Apple menu > System Preferences > Software Update, where compatible Macs running macOS Mojave or newer will see the Monterey update appear. If your Mac is running High Sierra or older, look for macOS Monterey in the App Store and download it from there.

macOS Big Sur 11.6.1

This is the last “dot update” we’re likely to see for macOS Big Sur. With macOS Monterey now available, Big Sur will likely continue to receive limited security updates for at least a year or two. This update is listed as being “recommended for all users and improves the security of macOS,” and it includes more than two dozen security patches. All of these patches were included with macOS Monterey, but it appears that not all of Monterey’s patches were back-ported to Big Sur.

The full list of security issues addressed in macOS 11.6.1 can be seen here. The update is available via Apple menu > System Preferences > Software Update on your Mac. If it doesn’t appear there, you may be offered macOS Monterey instead, which in most cases is what you’ll actually want. But if you really want 11.6.1 rather than 12.0.1, you can click on “More info…” beneath where it says “Another update is available.” If you don’t see any update notification at all, you may need to hold the Command (⌘) key and press R to force a new check for updates.

Security Update 2021-007 Catalina

This update also includes more than two dozen security patches, which you can read about on this page. The update is available—you guessed it—via Apple menu > System Preferences > Software Update on your Mac.

Based on how Apple treated macOS Mojave in 2021 (as detailed below), it is unclear how much longer Apple will release limited security updates for macOS Catalina.

macOS Mojave is no longer being updated

macOS Mojave has not seen any security updates since July of this year (other than one final update to Safari 14 in September). Historically, updates for the two-versions-old macOS end when another new OS is released. However, other than the one Safari 14 update, Mojave was cut off a full three months earlier than usual.

Since the last update to macOS Mojave, macOS Catalina and macOS Big Sur have both received several security updates as well as Safari 15. Theoretically, macOS Mojave should have enjoyed several more security updates before the release of macOS Monterey brought an end to support for the older OS. As of today, we should no longer expect any updates. It’s a shame that Mojave missed out on several security updates, as many considered it a very reliable OS.

It will be hard for some users to say goodbye to older 32-bit Mac apps that won’t run on Catalina or later, but for security’s sake, it might be time to upgrade to a newer version of macOS (or a newer Mac) that still receives security updates. If you really need to use some very old Mac apps that haven’t been updated for compatibility with Catalina or later, perhaps you could keep those apps on an old Mac, and avoid using the old Mac for browsing the Web or checking e-mail.

iOS 15.1 and iPadOS 15.1

Apple’s latest iOS and iPadOS versions are compatible with everything that could be upgraded to version 15. Specifically, version 15.1 is available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

iOS 15.1 adds SharePlay, an entirely new way to have shared experiences with family and friends in FaceTime. This release also adds the ability to capture ProRes video using iPhone 13 Pro and iPhone 13 Pro Max, as well as verifiable COVID-19 vaccination cards in Apple Wallet, and includes other features and bug fixes for your iPhone. It also adds 22 security patches, some of which we’ll cover below:

Siri
Impact: A local attacker may be able to view contacts from the lock screen
Description: A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management.

Voice Control
Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A use after free issue was addressed with improved memory management.

CoreGraphics
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution
Description: An out-of-bounds write was addressed with improved input validation.

UIKit
Impact: A person with physical access to an iOS device may be able to determine characteristics of a user’s password in a secure text entry field
Description: A logic issue was addressed with improved state management.

The full list of security issues addressed can be found here.

To install these latest updates, go to Settings > General > Software Update on your device.

iOS 14.8.1 and iPadOS 14.8.1

Most of the updates in this list were released on Monday, but Apple waited until Tuesday to release updates for iOS and iPadOS 14.

While iOS and iPadOS 14.8.1 are also available, it’s important to point out that every device that can run 14.x can also run 15.x, so you might be better off upgrading to iOS or iPadOS 15.1 instead.

Listed simply as an update that “provides important security updates,” no new features were added in version 14.8.1. At least 13 security patches are included with this update, such as:

Status Bar
Impact: A user may be able to view restricted content from the Lock Screen
Description: A Lock Screen issue was addressed with improved state management.

Sidecar
Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution
Description: This issue was addressed with improved checks.

Apple previously identified one vulnerability, CVE-2021-30833 in IOMobileFrameBuffer, as having been “actively exploited.” That issue was patched back in iOS 15.0.2 (as discussed in episode 209 of the Intego Mac Podcast), but now Apple has brought the same fix to iOS 14.8.1.

The full list of security issues addressed in iOS and iPadOS 14.8.1 can be found here.

For a complete side-by-side comparison of all iOS vulnerabilities patched from iOS 14.8 to present—which clearly shows that iOS 15.1 is currently the safest—you can expand the chart in Josh Long’s recent tweet:

To install the latest iOS updates, go to Settings > General > Software Update on your device.

watchOS 8.1

The latest watchOS update is available for Apple Watch Series 3 and later.

watchOS 8.1 includes the following improvements and bug fixes for your Apple Watch:

  • Enhanced algorithms to detect falls during workouts and option to enable fall detection during workouts only (Apple Watch Series 4 and later)
  • COVID-19 vaccination card support allows you to present verifiable vaccination information from Apple Wallet
  • Fitness+ supports SharePlay to allow subscribers to invite up to 32 people to workout together through a FaceTime call using iPhone, iPad, or Apple TV
  • Always On may not display the time accurately for some users when their wrist is down (Apple Watch Series 5 and later)

At least 19 security patches are also included. The full list can be found here.

To install this update, first make sure your iPhone is up to date. Then ensure that both your phone and watch are connected to the same Wi-Fi network and that the watch has at least a 50% charge. Then open the Watch app on your phone and tap General > Software Update.

tvOS 15.1

This update enables SharePlay and includes at least 21 security patches. The full list of security issues addressed can be found here.

The tvOS update can be downloaded directly from the Apple TV by going to Settings > System > Update Software.

Safari 15.1

On Wednesday, Apple finally released Safari 15.1 for macOS Big Sur and Catalina, bringing several security patches that were included with macOS Monterey to the two previous Mac operating systems. You can read about Safari 15.1’s security updates here.

If you haven’t yet upgraded to macOS Monterey (which includes Safari 15.1), you can get the Safari update for macOS Big Sur or Catalina via Apple menu > System Preferences > Software Update.

Back up before you upgrade

Before you upgrade your iOS, iPadOS, or macOS device to the latest operating system, it’s always a good idea to back up your data first. This gives you a way to recover and restore your important data in case something does not go as planned.

See also our related article on checking your macOS backups:

How to Verify Your Backups are Working Properly

How can I learn more?

Intego’s Josh Long also wrote this related article about Apple’s patching policies, which dives deeper into the need to stay on the most recent major versions of macOS, iOS and iPadOS—in spite of the fact that Apple releases some security updates for previous versions.

Apple’s Poor Patching Policies Potentially Make Users’ Security and Privacy Precarious

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news.

About Jay Vrijenhoek

Jay Vrijenhoek is an IT consultant with a passion for Mac security research.