Security & Privacy

Apple releases macOS Sonoma 14.1, iOS 17.1, and more, with security updates

Posted on by

On Wednesday, October 25, Apple released operating system updates that introduced new features and fixed security vulnerabilities. Let’s take a look at some of the highlights of each update.

In this article:

macOS Sonoma 14.1

Available for:
All supported Macs capable of running macOS Sonoma

Main features:

  • This update provides enhancements, bug fixes, and security updates for your Mac including:
    • Favorites expanded in Music to include songs, albums, and playlists, and you can filter to display your favorites in the library
    • Apple warranty status for Mac, AirPods, and Beats headphones and earbuds are available in System Settings
    • Fixes an issue where the System Services settings within Location Services may reset
    • Fixes an issue that may prevent encrypted external drives from mounting

Enterprise features:

  • Continuity features can be used with Managed Apple IDs.
  • The new Lockdown Mode and macOS Sonoma wallpaper setup panes can be skipped using MDM.
  • SMB share contents are correctly shown when using Distributed File System (DFS).
  • MDM no longer fails to install enterprise apps after installing an App Store app.
  • Software Update no longer displays a “required managed update” notification when no updates are available.

Security updates:
At least 44 vulnerabilities were addressed in this update. Here are a handful of notable ones:

App Support

Impact: Parsing a file may lead to an unexpected app termination or arbitrary code execution

Description: This issue was addressed by removing the vulnerable code.

CVE-2023-30774

 

AppSandbox

Impact: An app may be able to access user-sensitive data

Description: A permissions issue was addressed with additional restrictions.

CVE-2023-40444: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)

 

Contacts

Impact: An app may be able to access sensitive user data

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-41072: Wojciech Regula of SecuRing (wojciechregula.blog) and Csaba Fitzl (@theevilbit) of Offensive Security

CVE-2023-42857: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)

 

Emoji

Impact: An attacker may be able to execute arbitrary code as root from the Lock Screen

Description: The issue was addressed by restricting options offered on a locked device.

CVE-2023-41989: Jewel Lambert

 

Login Window

Impact: An attacker with knowledge of a standard user’s credentials can unlock another standard user’s locked screen on the same Mac

Description: A logic issue was addressed with improved state management.

CVE-2023-42861: Jon Crain, 凯 王, Brandon Chesser & CPU IT, inc, Matthew McLean, Steven Maser, and Avalon IT Team of Concentrix

 

Passkeys

Impact: An attacker may be able to access passkeys without authentication

Description: A logic issue was addressed with improved checks.

CVE-2023-42847: an anonymous researcher

 

Siri

Impact: An attacker with physical access may be able to use Siri to access sensitive user data

Description: This issue was addressed by restricting options offered on a locked device.

CVE-2023-41982: Bistrit Dahla
CVE-2023-41988: Bistrit Dahla
CVE-2023-41997: Bistrit Dahla

For the full list of security patches included in macOS Sonoma 14.1, have a look here.

What Apple neglected to patch: curl

Notably, Apple neglected to bring the command-line utility curl up to its current version. Although the command-line utility’s October 11 update (curl 8.4.0) patched a high-severity vulnerability, Apple did not include the update with macOS Sonoma 14.1.

Intego discussed this curl update on the episode 313 of the Intego Mac Podcast.

macOS Ventura 13.6.1

Available for:
All supported Macs currently running macOS Ventura

Enterprise features:
Only one (somewhat security-related) improvement was included in this update, especially for enterprise users:

  • Mac computers with Intel processors no longer use Automatic Update settings for software updates that are delayed by MDM.

Security updates:
At least 15 vulnerabilities were addressed, most of which overlap with those addressed in the macOS Sonoma update.

For the full list of security patches included in macOS Ventura 13.6.1, have a look here.

Note that at this point, macOS Ventura is no longer the most recent Mac operating system. It is therefore getting fewer patches, and remains perpetually vulnerable to some security issues. If your Mac is compatible with macOS Sonoma, it’s important to upgrade soon to better protect your security and privacy.

When does an old Mac become unsafe to use?

macOS Monterey 12.7.1

Available for:
All supported Macs currently running macOS Monterey

Security updates:
At least 11 vulnerabilities were addressed in this update, most of which overlap with those addressed in the macOS Sonoma update.

For the full list of security patches included in macOS Monterey 12.7.1, have a look here.

To reiterate, Apple does not patch all applicable security vulnerabilities for previous operating system versions, such as macOS Monterey. If your Mac does not officially support macOS Sonoma, you may wish to consider an unsupported upgrade method to enable your old Mac to remain fully patched.

Safari 17.1 for macOS Ventura and Monterey

Available for:
macOS Ventura and macOS Monterey

This update addresses four WebKit vulnerabilities, all of which were addressed in the macOS Sonoma update.

The list of fixes can be seen here.

iOS 17.1 and iPadOS 17.1

Available for:
iPhone XS and later (including iPhone XR, iPhone 11 and later, and iPhone SE 2nd and 3rd generations), iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Main features:

This update introduces the ability for AirDrop transfers to continue over the Internet when you step out of AirDrop range. This release also includes enhancements to StandBy and Apple Music, as well as other features, bug fixes, and security updates for your iPhone.

Enterprise features:

  • Continuity features can be used with Managed Apple IDs.
  • Always on VPN users are now able to make cellular and Wi-Fi calls, use cellular data, and send SMS/MMS messages.
  • Resolves an issue with iOS devices losing communication with MDM.

Bug fixes:

  • Improved reliability of Screen Time settings syncing across devices
  • Fixes an issue that may cause the Significant Location privacy setting to reset when transferring an Apple Watch or pairing it for the first time
  • Resolves an issue where the names of incoming callers may not appear when you are on another call
  • Addresses an issue where custom and purchased ringtones may not appear as options for your text tone
  • Fixes an issue that may cause the keyboard to be less responsive
  • Crash detection optimizations (all iPhone 14 and iPhone 15 models)
  • Fixes an issue that may cause display image persistence

Security updates:
At least 21 vulnerabilities were addressed in this update, most of which were also addressed in the macOS Sonoma update.

The full list of security issues that were addressed can be found here.

iOS 16.7.2 and iPadOS 16.7.2

Available for:
iPhone 8 and later (through iPhone 14), iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

Security updates:
At least 17 vulnerabilities were addressed in this update, a subset of those covered in the previously mentioned OS updates.

Note that Apple does not patch all applicable security vulnerabilities for previous operating system versions, such as iOS 16. Since iOS 17’s release, iOS 16 has gotten roughly half as many security patches as iOS 17.

The full list of security issues that were addressed can be found here.

iOS 15.8 and iPadOS 15.8

Available for:
iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Security updates:

Kernel

Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.

Description: An integer overflow was addressed with improved input validation.

CVE-2023-32434: Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), Boris Larin (@oct0xor), and Valentin Pashkov of Kaspersky

This exact same entry can be found in the security release notes for the iOS and iPadOS 15.7.7 and 16.5.1 updates, posted in June of this year. It is unclear why this patch is making an appearance again; perhaps it was addressed more thoroughly this time.

You can read the iOS 15.8 and iPadOS 15.8 update notes here.

To reiterate, Apple does not patch all applicable security vulnerabilities for previous operating system versions, such as iOS 15. If your device cannot be upgraded to iOS 17, it’s best to buy newer hardware.

When does an old iPhone become unsafe to use?

iOS 12 — no updates since January

Apple has not released a corresponding security update for older devices stuck on iOS 12. The most recent, and probably final, security update for iOS 12 was released in January 2023, and it only patched a single vulnerability.

Again, users whose devices are incapable of upgrading to iOS or iPadOS 17 should consider buying newer hardware that supports the current, and fully patched, operating systems.

watchOS 10.1

Available for:
Apple Watch Series 4 and later

Main features:

  • Double tap gesture can be used to perform the primary action in notifications and most apps so you can answer a call, play and pause music, stop a timer, and more (Available on Apple Watch Series 9 and Apple Watch Ultra 2)
  • NameDrop allows you to exchange contact information with someone new by simply bringing your Apple Watch near their iPhone with iOS 17 or Apple Watch (Available on Apple Watch SE 2, Apple Watch Series 7 and later, and Apple Watch Ultra)
  • My Card is available as a complication for quick access to NameDrop

Bug fixes:

  • Fix for bug that causes the climate section in the Home app to be blank
  • Addresses an issue that causes a white selection border to be unexpectedly displayed after turning off AssistiveTouch
  • Fixes an issue where cities may not sync between iPhone and watch in Weather
  • Resolves an issue where the scroll bar may unexpectedly be visible on the display
  • Fix for bug that causes elevation to be incorrect for some users

Security updates:

At least 11 vulnerabilities were addressed in this update, most of which were included in the previously mentioned OS updates.

The full list of security issues that were addressed can be found here.

watchOS 9 — no updates this time

Although Apple released one simultaneous patch for watchOS 9 and 10 in September, this time Apple did not release a watchOS 9 update.

It’s important to upgrade to both iOS 17 and watchOS 10 as soon as possible to avoid getting left behind on iPhone and Apple Watch security updates.

watchOS 8 — no updates since June

Likewise, watchOS 8 didn’t get an update. The Apple Watch Series 3, which Apple sold until March 2023, has only gotten a single update, patching a single vulnerability, since July 2022.

All Apple Watch models older than the Series 4 should be considered perpetually vulnerable, and unsafe to use.

tvOS 17.1

Available for:
Apple TV HD and Apple TV 4K (all models)

Update information:

  • This update adds support for Enhance Dialogue on HomePod mini and HomePod (1st generation) when paired with Apple TV 4K, and includes performance and stability improvements.

Security updates:

At least four vulnerabilities were addressed in this update, all of which were included in the aforementioned OS updates.

The list of security issues that were addressed can be found here.

audioOS 17.1

Apple’s rarely-mentioned audioOS (also known as HomePod Software, or HomePodOS) was also updated. Apple has never mentioned this operating system on its security updates page, so it is unclear whether any security issues were addressed in this week’s update.

However, according to the Mr. Macintosh blog, which keeps track of OS version numbers, the audioOS build number always matches that of tvOS, which seems to imply that the HomePod runs essentially the same operating system as the Apple TV.

HomePod updates are generally not urgent, and they are supposed to install automatically. However, if you would like to update your HomePod or HomePod mini’s operating system manually, you can go into the Home app on your iPhone or iPad, then tap the House icon > Home Settings > Software Update > temporarily disable (toggle off) Install Updates Automatically > then tap Install. After updating, remember to re-enable the Install Updates Automatically setting.

How to install Apple security updates

It is recommended to update as soon as you can.

If you haven’t yet upgraded to macOS Sonoma, be sure to first update your critical software. For example, run Intego’s NetUpdate utility and install all available updates, and then check for updates for all other software that you use regularly. Next, check for macOS updates by going to System Settings > General > Software Update.

If you have any trouble getting the macOS update to show up, either press ⌘R at the Software Update screen, or type in the Terminal softwareupdate -l (that’s a lowercase L) and press Return/Enter, then check System Settings > General > Software Update again.

Macs running macOS Big Sur or Monterey can get these updates (or upgrade to macOS Sonoma) via System Preferences > Software Update. If you have an iMac Pro or a MacBook Pro (2018) that’s still running macOS High Sierra, look for macOS Sonoma in the Mac App Store and download it from there.

Note that only the latest macOS version (currently, that’s macOS Sonoma) is ever fully patched; older macOS versions only get a subsection of those patches and remain vulnerable. Therefore, staying on the latest macOS version is critically important for maintaining your security and privacy. For more information, see our article, “When does an old Mac become unsafe to use?

Users of iPhone or iPad can go to Settings > General > Software Update to update iOS or iPadOS on their devices. (This is called an “over the air” or OTA update.) Alternatively, you can connect your device to your Mac, click on the device name in a Finder window sidebar, and check for updates there.

To update watchOS on your Apple Watch, the process is a bit more complicated. First, update your iPhone to the latest operating system it can support (ideally the latest version of iOS 17). Next, ensure that both your iPhone and Apple Watch are on the same Wi-Fi network. Your Apple Watch also needs to have at least a 50% charge. Then open the Watch app on your iPhone and tap General > Software Update.

Whenever you’re preparing to update macOS, iOS, or iPadOS, it’s a good idea to always back up your data before installing any updates. This gives you a restore point if something does not go as planned. See our related article on how to check your macOS backups to ensure they work correctly.

How to Verify Your Backups are Working Properly

See also our article on how to back up your iPhone or iPad to iCloud and to your Mac.

Should you back up your iPhone to iCloud or your Mac? Here’s how to do both

How can I learn more?

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: Follow Intego on Twitter Follow Intego on Facebook Follow Intego on YouTube Follow Intego on Pinterest Follow Intego on LinkedIn Follow Intego on Instagram Follow the Intego Mac Podcast on Apple Podcasts

About Jay Vrijenhoek

Jay Vrijenhoek is an IT consultant with a passion for Mac security research. View all posts by Jay Vrijenhoek →