I'm trying to create a compliance policy on supported macOS version, where I would support Catalina and Big Sur, but only in the latest incarnations.
Right now that would be:
Big Sur 11.5.1 (maybe also 11.5.0)
Catalina 10.15.7 (but that number do not have the latest security update from July 2021 in it, so I need something better for Catalina).
And what about Mojave?
If a machine is running Catalina or Mojave, I will not red-flag it, if it is on the latest and greatest security update. And for Big Sur the security content of 11.5.1 is so important I want to read flag anyone that did not update to build 20G80 (11.5.1).
I prefer a script that could somehow automatically flag for me what I would support?
I can't find a place only to compare macOS version to, to know if I'm on the latest, and for Catalina (and Mojave) I do not even know what else to compare to in order to know if the latest security update was applied.
Thank you for a fast reply. This is a great suggestion, but I was more into something that I would later report back from the device, so more like a script.
But I will try this first.
If anyone have a script for this, I would prefer that…
My idea was that I somehow could know what the latest build was and the second latest. What if I use the software update delay, then I might want to allow the second latest build in order to be compliant.
It seems Apple is not making this wish very easy…