Apple this week rolled out an important upgrade for macOS users, bringing not just a slew of extra features and improvements, but some much-needed security patches as well. Supporting non-upgrading users, the same fixes are available in a separate security update for the previous-generation macOS iteration.
The Cupertino behemoth doesn’t make a big fuss about the security content of macOS 12.0.1 – aka ‘Monterey’ – choosing to focus on the new features it brings to the table, like Shortcuts, TestFlight, Universal Control, a redesigned Safari browser, AirPlay support, Live Text, and more.
However, the upgrade also packs a fair amount of security fixes – 39 in total. Most of them are also addressed in macOS 11.6.1, a security-only update for the OS version that Monterey supersedes. This is so that users who are holding off the upgrade can still apply the necessary patches.
If exploited properly, most vulnerabilities would enable an attacker to execute their own code with kernel privileges – essentially to take over the target machine.
Two flaws are addressed in the Model I/O department, where processing a maliciously crafted file may disclose user information or memory contents, the advisories say, adding two more reasons to patch.
Not all of the fixes are critical in nature, but there are some standouts.
For instance, a vulnerability in the Software Update department may allow a malicious application to gain access to a user’s Keychain items, where passwords are stored locally.
To review the full list of fixes, visit the two advisories below:
Upgrading to Monterey is recommended, both for security and usability reasons. But it’s not the only option if you’re simply out to address the security part and stick with Big Sur for a while longer. However, if upgrading seems like a hassle right now, it’s crucial that you at least update to macOS Big Sur 11.6.1 and patch these flaws ASAP.