
Apple releases macOS Sonoma 14.2.1; patches 1 vulnerability, leaves others unpatched


On Tuesday, December 19, Apple released operating system updates, primarily to fix various non-security related bugs. The macOS Sonoma update, however, fixed at least one security vulnerability. Let’s take a look at what Apple fixed, and what remains unpatched.


macOS Sonoma 14.2.1

Available for:
All supported Macs capable of running macOS Sonoma

Apple’s macOS Sonoma release notes only specify that “This update provides important bug fixes and security updates and is recommended for all users.”

On the company’s security release notes page, Apple links to details about the lone security patch in macOS Sonoma 14.2.1:

WindowServer

Impact: A user who shares their screen may unintentionally share the incorrect content

Description: A session rendering issue was addressed with improved session tracking.

CVE-2023-42940: Craig Hockenberry

You can get this update by going to System Settings > Software Update, where compatible Macs running macOS Mojave or newer will see the Sonoma update appear. If your Mac is running macOS High Sierra or older, look for macOS Sonoma in the App Store and download it from there.

Notably, users of OpenCore Legacy Patcher (i.e. people who run macOS Sonoma on an unsupported Mac) must update to the latest version before upgrading to macOS Sonoma 14.2.1.

What Apple still hasn’t patched

In macOS Sonoma 14.2.1, Apple still has yet to address several vulnerabilities. In November, Intego published an exclusive report about major vulnerabilities in open-source components of macOS Sonoma. To this day, macOS Sonoma is still missing a number of major security patches, including one that has been actively exploited in the wild, and two 9.8 out of 10 “critical” vulnerabilities. In total, at least five vulnerabilities in open-source components appear to remain unpatched in macOS Sonoma 14.2.1.

Apple neglects to patch multiple critical vulnerabilities in macOS

This week’s non-security updates

Apple also released several other bug-fix updates this week, none of which appear to have included security updates.

(The company’s security release notes page only states that “[each] update has no published CVE entries.” Technically, this doesn’t say much; in theory, the updates could address other security issues that don’t have CVE numbers assigned, or could address vulnerabilities whose CVEs are not yet published. But as far as we know right now, the updates do not patch any security issues.)

The other OS-related updates are as follows:

  • Safari 17.2.1 for macOS Monterey and macOS Ventura
  • iOS 17.2.1
  • iOS 16.7.4 and iPadOS 16.7.4

It’s unclear why we only got iOS 17.2.1 without a corresponding patch for iPadOS; normally, we would get iPadOS 17.2.1 alongside iOS 17.2.1. The only known issue addressed in iOS 17.2.1 was reportedly mentioned in the Japanese release notes, which indicated that it “addresses an issue where the battery may drain quickly under certain conditions.” Perhaps this issue only applied to iPhones, but not iPads.

The Mr. Macintosh blog observed that Apple also updated the following apps on December 19:

  • Pro Video Formats 2.3
  • iMovie 10.4
  • Final Cut Pro 10.7

Apple typically doesn’t list app updates on its security release notes page (unless, of course, they contain fixes for vulnerabilities).

How to install Apple security updates

It is recommended to update as soon as you can.

How to install macOS updates

If you haven’t yet upgraded to macOS Sonoma, be sure to first update your critical software. For example, run Intego’s NetUpdate utility and install all available updates, and then check for updates for all other software that you use regularly. Next, check for macOS updates by going to System Settings > General > Software Update.

If you have any trouble getting the macOS update to show up, either press ⌘R at the Software Update screen, or type in the Terminal softwareupdate -l (that’s a lowercase L) and press Return/Enter, then check System Settings > General > Software Update again.
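For admins who want to script this check, the following added example (not from Apple or Intego) compares the installed macOS version against 14.2.1 and then lists pending updates with softwareupdate -l. The helper names version_ge and patch_status are hypothetical, and the comparison assumes a purely numeric dotted version string such as the one sw_vers -productVersion prints.

```shell
#!/bin/sh
# Added example: is this Mac at or above the release discussed in the article?
REQUIRED="14.2.1"   # macOS Sonoma release covered on this page

# version_ge A B: succeed when dotted version A >= B.
# Missing components count as 0, so "14.2" compares as "14.2.0".
# Assumes every component is a plain integer.
version_ge() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}
        y=${b%%.*}
        [ -n "$x" ] || x=0
        [ -n "$y" ] || y=0
        if [ "$x" -gt "$y" ]; then return 0; fi
        if [ "$x" -lt "$y" ]; then return 1; fi
        # Drop the leading component from each version.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# patch_status VERSION: print a one-line verdict for an installed version.
patch_status() {
    if version_ge "$1" "$REQUIRED"; then
        echo "ok: $1 is at or above $REQUIRED"
    else
        echo "outdated: $1 is below $REQUIRED"
    fi
}

# On a Mac, check the running system and list pending updates.
# On other platforms sw_vers is absent and this section is skipped.
if command -v sw_vers >/dev/null 2>&1; then
    patch_status "$(sw_vers -productVersion)"
    softwareupdate -l
fi
```

A component-wise comparison is used because a plain string comparison would rank 14.10 below 14.2.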

Macs running macOS Big Sur or Monterey can get these updates (or upgrade to macOS Sonoma) via System Preferences > Software Update. If you have an iMac Pro or a MacBook Pro (2018) that’s still running macOS High Sierra, look for macOS Sonoma in the Mac App Store and download it from there.

Note that only the latest macOS version (currently, that’s macOS Sonoma) is ever fully patched; older macOS versions only get a subset of those patches and remain vulnerable. Therefore, staying on the latest macOS version is critically important for maintaining your security and privacy. For more information, see our article, “When does an old Mac become unsafe to use?”

How to install other Apple OS updates

Users of iPhone or iPad can go to Settings > General > Software Update to update iOS or iPadOS on their devices. (This is called an “over the air” or OTA update.) Alternatively, you can connect your device to your Mac, click on the device name in a Finder window sidebar, and check for updates there.

To update watchOS on your Apple Watch, the process is a bit more complicated. First, update your iPhone to the latest operating system it can support (ideally the latest version of iOS 17). Next, ensure that both your iPhone and Apple Watch are on the same Wi-Fi network. Your Apple Watch also needs to have at least a 50% charge. Then open the Watch app on your iPhone and tap General > Software Update.

Whenever you’re preparing to update macOS, iOS, or iPadOS, it’s a good idea to always back up your data before installing any updates. This gives you a restore point if something does not go as planned. See our related article on how to check your macOS backups to ensure they work correctly.

How to Verify Your Backups are Working Properly

See also our article on how to back up your iPhone or iPad to iCloud and to your Mac.

Should you back up your iPhone to iCloud or your Mac? Here’s how to do both

How can I learn more?

We discussed the December 19 macOS Sonoma update on episode 324 of the Intego Mac Podcast.

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels.

About Joshua Long

Joshua Long (@theJoshMeister), Intego's Chief Security Analyst, is a renowned security researcher, writer, and public speaker. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple ID authentication vulnerability. Josh has conducted cybersecurity research for more than 25 years, which has often been featured by major news outlets worldwide. Look for more of Josh's articles at security.thejoshmeister.com and follow him on Twitter/X, LinkedIn, and Mastodon.