You really really really need to update your Mac. Like really
While everyone was talking about the arrival of Apple Intelligence in the iOS 18.1 and macOS 15.1 betas, Apple also delivered a series of updates for its existing operating systems. And if you own a Mac, you should absolutely install it right away.
The updates don’t include any notable new features, but they do fix a lot of security vulnerabilities. In all, the updates include more than 100 security patches for macOS Sonoma (14.6), Ventura (13.6.8), and Monterey (12.7.6). When you install them, there will be 54 updates for Sonoma, 36 for Ventura, and 32 for Monterey. That’s an incredible amount of patches, especially considering the last round of updates only arrived in mid-May.
There are far too many to list here, but some of the highlights that jump out as particularly concerning:
Family Sharing
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved data protection.
CVE-2024-40795: Csaba Fitzl (@theevilbit) of Kandji
Messages
Available for: macOS Sonoma
Impact: An app may be able to view a contact’s phone number in system logs
Description: The issue was addressed with improved checks.
CVE-2024-40832: Rodolphe BRUNETTI (@eisw0lf)
Photos Storage
Available for: macOS Sonoma
Impact: Photos in the Hidden Photos Album may be viewed without authentication
Description: An authentication issue was addressed with improved state management.
CVE-2024-40778: Mateen Alinaghi
Sandbox
Available for: macOS Sonoma
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed through improved state management.
CVE-2024-40824: Wojciech Regula of SecuRing (wojciechregula.blog), and Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong
Shortcuts
Available for: macOS Sonoma/Ventura/Monterey
Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
Description: A logic issue was addressed with improved checks.
CVE-2024-40833-36/40807: an anonymous researcher
Time Zone
Available for: macOS Ventura/Monterey
Impact: An attacker may be able to read information belonging to another user
Description: A logic issue was addressed with improved state management.
CVE-2024-23261: Matthew Loewen
WebKit
Available for: macOS Sonoma
Impact: Private Browsing tabs may be accessed without authentication
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 275272
CVE-2024-40794: Matthew Butler
Apple also released iOS 17.6 and iPadOS 17.6 with 30 patches, watchOS 10.6 with 24, tvOS 17.6 with 16, and visionOS 1.3 with 15 fixes. To update your Mac, head over to System Settings (or System Preferences), then General and Software Update. On other devices, find the Settings app, then look for the Software Update tab.
