Hey Everyone,
I have a question about macOS updates for the M1 Macs. Reading through Apples Documentation on the volume ownership, it looks like non-admins install updates as long as they're volume owners and the OS update is Minor. This is good as I don't want to struggle every time a minor update is available. The Major OS updates require a volume owner and administrator user to approve and that is okay too for now.
The problem though is that non-admins can install the minor updates without approval now. I've recently campaigned to update all our Macs to 12.3.1 and I see one user has already updated to 12.4. I knew I was going to encounter this issue and am hoping to get a handle on this before it's a free for all. As an example 12.3.1 had an issue with Dropbox and Onedrive syncing and I haven't started testing 12.4 or sometimes an application is removed during an update and it's all unexpected 🙃.
Please bestow upon me your wisdom on what to do with this. Is my only option to defer updates or restrict the installation of apps without administrator approval from the restrictions config profile?
