Help

macOS 13.2.1 updates are rebooting to recovery

jwojda
Valued Contributor II

Posted on ‎02-14-2023 11:50 AM

Anybody else noticing that the macOS 13.2.1 update is causing machines to boot to system recovery?  I had 1 user report that it booted to recovery, but they were able to reboot it again and it was fine.  Another user had to enter the recovery key.  

 

I think they were both m1 Macs, and used Nudge (current version) to initiate the update process.

 

22 REPLIES 22

duff2481-1
New Contributor III

Posted on ‎02-14-2023 12:14 PM

Yes, i faced this same issue this morning when applying the 13.2.1 update. 

jwojda
Valued Contributor II

Posted on ‎02-14-2023 12:26 PM

thank you, glad to know it's not a gremlin in our environment.

 

0 Kudos

duff2481-1
New Contributor III

Posted on ‎02-14-2023 12:53 PM

Looks like it's hit and miss. A co-worker just updated their device and rebooted properly. 

 

0 Kudos

hodgesji
Contributor

Posted on ‎02-14-2023 01:52 PM

We have had quite a few Apple silicon Macs boot into recovery after the 13.2.1 update in our environment. Hoping to open a bug with Apple.

0 Kudos

piotrr
Contributor III

‎02-15-2023 12:24 AM - edited ‎02-15-2023 12:25 AM

I didn't think it was recovery, but authorization. This happens when you force an update using certain MDM commands, an unauthorized reboot without an escrowed bootstrap token and the end user has to authorize the update and reboot.

I just wasn't surprised that there was a super user unfriendly procedure to it, so I just assumed that's what happened. 

0 Kudos

DanM
New Contributor

Posted on ‎02-15-2023 05:47 AM

Hopefully I don't get in trouble for posting here, as we're using an alternative to Jamf as our Apple MDM provider, but I just wanted to say we are experiencing the same problem. Thus far about 1/3 of our (admittedly small, < 100 machines) Macs have ended up on the recovery screen when rebooting. Which, in a fully remote company, is a problem...

0 Kudos

piotrr
Contributor III
In response to DanM

Posted on ‎02-15-2023 05:48 AM

But is it saying recovery or forgotten password, or is it saying "Authorize"? 

0 Kudos

DanM
New Contributor

Posted on ‎02-15-2023 06:11 AM

IMG_20230213_183257.jpg

Which is correct, we _have_ restricted access to Recovery, on purpose. The unique recovery password for each machine is stored with our MDM provider.
Selecting 'Restart' just brings them back to this lock screen.
When we have provided the Recovery password for their machine to each user, they have been able to progress through this step, complete the update, and load into their normal user. But of course handing out recovery passwords for their machines to 1/3 of our userbase isn't great, given the _point_ was to prevent them wiping the machine in circumstances when we didn't want to allow that.

But the machines we initially tested the update on _didn't_ do this. My machine was fine, as was that of my colleague in MDM admin, and several others.
The vast majority of our users are on Apple Silicon, though we do still have 5 or so on Intel. None of whom have experienced the problem. Some of our M1 users have upgraded with no recovery or issues.
Something we _have_ noticed is that _all_ of the affected machines are in Apple Business Manager, although not all of the ABM-registered machines are affected. I mention that because we have a number of machines in Europe that were purchased directly rather than via ABM (UK). Given the percentage failure rate so far, I would have expected some of those to see the same problem, unless something about them not being in ABM means the recovery password can't apply or something.

0 Kudos

DanM
New Contributor
In response to DanM

Posted on ‎02-15-2023 06:12 AM

Whoops, sorry, that was supposed to be in reply to @piotrr 

0 Kudos

piotrr
Contributor III
In response to DanM

Posted on ‎02-15-2023 06:31 AM

Oh, oh man, I am so sorry, that really sucks. I hadn't expected you to block recovery on purpose. 

I don't mind if users wipe their machines, since my whiteglove boot-up to ADE/ABM machines is down to 20 minutes, all they would lose is their own unsynced data and some time. So I have seen no reason to restrict users from the recovery environment. In fact, they might need it. Our machines are almost all prestage ADE locked so they cannot be re-used for anything else, you cannot set them up without an internet connection and if they get that, they go straight to enrollment. 

0 Kudos

user-dIrrpGXxza
Contributor
In response to piotrr

Posted on ‎02-16-2023 02:15 AM

Perhaps a bit off topic, but ADE is pretty easy to circumvent. In essence, macOS disable csr and fiddle with the system files during setup. iOS can also be bypassed easily on any version by restoring a blank generic backup before network is connected. The only good way to prevent unauthorized use is to enable activation lock centrally, but then you have the downside of having to administer recovery lock bypass codes, and also the pain of accidentally deleteing the device from JAMF so the bypass code is lost. In our case, we'd rather lose a few devices before going though that administrative nightmare.

0 Kudos

piotrr
Contributor III
In response to user-dIrrpGXxza

Posted on ‎04-24-2023 12:25 AM

And for me, I'd rather users circumvent ADE or restoring their private backups on company phones, because we have conditional access, so they're not going to be able to work on those devices until they register them properly. 

Sure they could sell/steal them, but that would also end badly for them. 

0 Kudos

taz
New Contributor

Posted on ‎02-15-2023 06:17 PM

Yep! Seeing the same issue with our various Macs. Seems like a hit or miss... Some Macs updated perfectly fine, others entered recovery. We are also zero-touch deployments, ABM and Jamf Pro. Will report issue to Apple. 

0 Kudos

rpayne
Contributor II

Posted on ‎02-16-2023 03:31 PM

We are also seeing this. It's EXTREMELY hit or miss. All machines exhibiting this behavior are apple silicon. We are an ADE zero touch shop as well, but I feel that's a false flag. 

0 Kudos

kevin_v
Contributor
In response to rpayne

Posted on ‎02-16-2023 04:07 PM

Macadmins confirmed it's hitting Intel as well (have had 1x Intel, majority Silicon)

0 Kudos

stevenjklein
Contributor II

Posted on ‎03-30-2023 10:24 AM

Fixed in 13.3.

If you have a Mac that's currently stuck, boot into Internet Recovery, which will allow you to install 13.3.

I've already recovered 1 Mac this way.

skinbeats
New Contributor

Posted on ‎03-31-2023 06:54 PM

Had this issue with 13.2.1. with TWO different systems. One Apple Silicon, one Intel. I did a full reinstall in 13.2.1 on the Intel which booted me back into recovery twice... once in recovery, a regular restart allowed me to work fine. I just restarted when I got to recovery on the Apple Silicon system and it booted fine without the OS reinstall. And this same thing happened again with the 13.3 update with both systems, but restarted and systems are functioning fine. 

dkluge
New Contributor

‎04-19-2023 04:43 AM - edited ‎04-19-2023 04:43 AM

We have seen two devices both Silicon.

0 Kudos

stevenjklein
Contributor II

Posted on ‎04-24-2023 05:11 AM

We've had several machines (Intel and Apple Silicon) with this problem, and restarting from recovery just brought them back to recovery.

Since 13.3 came out, we've used Internet Recovery on the stuck machines to install that update.  For some reason, doing it this way takes a very long time (over an hour), including lots of time on blank screens, but when it's done, it booted normally.

0 Kudos

YoannR
New Contributor

Posted on ‎06-16-2023 06:31 AM

Anyone stuck on a white window after a Mac OS 13.x update ?
Filevault enabled and I5 or M1, Forced to go through recovery


macos.jpg


0 Kudos

skinbeats
New Contributor
In response to YoannR

Posted on ‎06-16-2023 07:41 AM

I haven't gotten stuck at that particular screen, but what happens if you just restart once in recovery? Are you sent back to the white screen or does it boot normally?

0 Kudos