A few weeks ago, security analyst Joshua Long brought up an important conversation at the Objective By The Sea Conference regarding MacOS updates and then tweeted about it on Twitter yesterday. Long remarked, “Reminder that some things *only* get patched for the current #macOS!” and that can be easy to overlook. It is important to cross reference Apple’s updates with in-house security and risk management policies and to keep the operating system and applications up to date.
As with all software/firmware/hardware updates, it is advised to review release notifications and confirm the changes meet set standards. Much of the recent news regarding information security involves compromise rooted in the lack of updated OEM software on the host machine. Regardless of platform, a strong first step to strengthen an organization’s security posture is keeping the operating system as current as possible.
Here’s a preliminary look at what @Apple patched—and what they didn’t—in macOS Monterey 12.0.1 vs. Big Sur 11.6.1 vs. Security Update 2021-007 Catalina. (Reminder that some things *only* get patched for the current #macOS!) #macOSMonterey #infosec #security #Apple pic.twitter.com/0NbLGk5siI
— Josh Long (the JoshMeister) (@theJoshMeister) October 26, 2021
OBTS v4.0: “n-1 and n-2: Should we really trust in you?” – Josh Long