Posted on 09-13-2021 11:09 AM
Posted on 09-14-2021 01:10 AM
And again no mail on the security announce list? What's up with Apple? So thanks for the hint @AJPinto !
Posted on 09-14-2021 05:15 AM
I only noticed this when smart groups started updating. JAMF's patch management still shows 11.5.2 as current as does the App Store. Apple is getting sloppy(er then usual).
Posted on 09-14-2021 07:47 AM
There doesn't seem to be a stand alone installer. I've only had success through System Preferences/Software Update, and that's been flakey maybe due to traffic. Softwareupdate CL doesn't want to download -d, or install -i.
Posted on 09-14-2021 07:49 AM
I got it using sudo softwareupdate -aiR (install all reboot) yesterday.
Posted on 10-13-2021 11:52 AM
I have 2 Macs that are overseas and need their web traffic routed all the way back to the US due to how our orgs network restrictions are set up (always on VPN), and I've been unable to get these Macs to update to 11.6 despite multiple attempts. I'm pissed that Apple no longer supplies a standalone installer for these updates. Having everything going thru the software update mechanism every time can be flakey. WTH is Apple thinking sometimes?
10-14-2021 04:38 AM - edited 10-14-2021 04:38 AM
We have much the same restriction. You may be able to push back to your security team that you are unable to install security patches to the Macs to patch several 0-day exploits until they allow *.Apple.com (or at least apples update servers and needed ports) around the captive gateway.
You security team would need to decide what is the greater risk. Not being able to patch the Macs or not having total control over Apple traffic which they already cannot inspect or monitor in any way shape or form. If your security team says no save the email and wash you hands of it and move on.
Posted on 10-14-2021 08:46 AM
You can get a stand alone installer now using --fetch-full-installer.
Posted on 09-14-2021 07:51 AM
The MacRumors article doesn't mention it, but the 11.6 and Catalina 2021-005 Security Updates supposedly address a zero day that may be actively being exploited (at least on Big Sur), so it's highly recommended you get all your Macs up to date as soon as possible. We're doing an emergency push to all our Macs starting this evening.
https://support.apple.com/en-us/HT212804
https://support.apple.com/en-us/HT212805
Posted on 09-14-2021 07:57 AM
My gut had a feeling this was a 0 day. I have told our security teams and see what they want us to do. Wasn't 11.5.2 also a 0 day?
Posted on 09-15-2021 02:11 PM
From what I have read (and it is only a few pieces of info) the attack vector is through Messages.app. A quick "patch" may be to add Messages.app to the restricted software list until they upgrade to 11.6.
Posted on 09-16-2021 05:01 AM
We already restrict iMessage and do not allow the use of AppleID's. I find it a bit strange they did not just roll this in to 11.5.3 or something to get it out faster and less impactful. They could have updated iMessage without rebooting the Macs with a much smaller update like they do with Safari.