July 2019 - Mr. Macintosh

New Full Installer of Mojave 10.14.5 (18F2059) released after 10.14.6???

No, we didn’t time travel 3 weeks into the past. A new version of macOS Mojave 10.14.5 (18F2059) was released yesterday.

Today for some reason and maybe for the first time, Apple released an update to a previous full installer release. The previous build version macOS 10.14.5 (18F2058) was released on July 9th and covered the new 2019 13″ MacBook Pro and 2019 MacBook Air. Apple released MacOS Mojave 10.14.6 (18G84) on July 22 and unified all builds. That means you can install 10.14.6 on any Mac.

MrMacintosh.com - A new version of 10.14.5 (18F2059)??? — A new version of 10.14.5 (18F2059)???

I reported on the previous build (18f2058) in a previous article. mrmacintosh.com/macos-mojave-10-14-5-18f2058-full-forked-installer-app-released/

Why would Apple do this ?

I honestly have no clue! Again since 10.14.6 is a unified build we should have no need for a updated installer of a previous build. A user in MacAdmins Slack mentioned that this might be an update to 2058 for the factory restores. If that was the case why was it just now released and not 3 weeks ago? Or maybe this build version was for Internet recovery or something, again though this does not make any sense since agin 10.14.6 is unified.

If you know why, please feel free to Contact Me.

TBH, this article was just a way for me to sneak in a picture of one my favorite memes “Confused Nick Young” into an article picture. Hehe

H/T to Kevin M Cox from MacAdmins.slack.com for the heads up on macOS Mojave 10.14.5 (18F2059).

Apple Pulls 2019-004 Security Updates After Kernel Panics UPDATE: FIXED!

MrMacintosh.com - High Sierra 10.13.6 & Sierra 10.12 will crash when waking up from sleep after the 2019-004 Security Update is installed. UPDATE: NOW FIXED WITH REVISED RELEASE! 7/29/19 — High Sierra 10.13.6 & Sierra 10.12 will crash when waking up from sleep after the 2019-004 Security Update is installed. UPDATE: NOW FIXED WITH REVISED RELEASE! 7/29/19

Apple today pulled the 2019-004 Security Update after it was found to cause Kernel Panics when a Mac wakes from sleep.

First spotted on Apple Support Forums by user Fugge on July 10th, 2019. He installed the 2019-004 Security Update Developer Beta and started seeing Kernel Panics crashes after waking from sleep. A Kernel Panic will happen every single time the Mac wakes from sleep. The issue was then reported on July 24th by Howard Oakley

First reported in this Apple Discussions forum post discussions.apple.com/thread/250485210

Index – UPDATED: 8/01/19 – 5:30 PM CST

1. 2019-004 Security Update for High Sierra 10.13 & Sierra 10.12 Re Released 7/29!!!!
2. Mojave 10.14.6 Supplemental Update fixes an issue that may prevent certain Macs from waking from sleep properly.
3. 2019-004 High Sierra Update Removed from SUS
4. 2019-004 Sierra Security Update removed from SUS
5. T2 BridgeOS version 16.16.6568 also removed
6. Affected Mac Models
7. Check your DEP or Provision work flow. Software Update for 10.12 and 10.13 will not show previous Security Updates.
8. Problem: Kernel Panic after waking from sleep after closing the lid.
9. Fresh install of 10.13 + 2019-004 Security update on a 2018 T2 MacBook Pro does NOT crash!
10. Workaround? – “Prevent computer from sleeping when display is off” Or Reseting the SMC.
11. Reports are saying that the problem remains after reverting back
12. Is the problem actually in the T1/T2 Chip update?
13. This has happened before. It’s recommended that you wait a few days before you install any update.

1. UPDATE! 2019-004 Security Update for High Sierra & Sierra Re Released 7/29!!!!

Apple today at 12:05 CST re released the 2019-004 Security Update for High Sierra 10.13 and Sierra 10.12. A new BridgeOS and EFICheck AllowListAll update are also new. I will update when I have new build versions and new information.

The updated version of 2019-004 will now show up new for you in software update. Even if you installed the 2019-004 update before it was pulled, you will see the update show as NEW!

I already have one report from a user saying that the new update has cleared up the crash on sleep issue!

BridgeOS was re released but the BuildVersion remains the same at 16.16.6568 the updated files inside are dated 7/26
The Re Released 2019-004 Security Update for High Sierra 10.13 BuildVersion is now (17G8030)
The Re Released 2019-004 Security Update for Sierra 10.12 BuildVersion is now (16G2128)

High Sierra 10.13 2019-004 Download link – support.apple.com/kb/DL2012

Sierra 10.12 2019-004 Download Link – support.apple.com/kb/DL2013

2. UPDATE! macOS Mojave 10.14.6 Supplemental Update fixes an issue that may prevent certain Macs from waking from sleep properly.

Today Apple released the macOS Mojave 10.14.6 Supplemental Update. The fix reads

mrmacintosh.com/10-14-6-supplemental-update-released-to-fix-wake-from-sleep-problems/

The macOS Mojave 10.14.6 Supplemental Update fixes an issue that may prevent certain Macs from waking from sleep properly.
support.apple.com

Sure sounds like the same problem as the 2019-004 update, yet no word of anything specifically calling out “Crashes” or “Kernel Panics”

You can download the 10.14.6 Supplemental Update here – https://support.apple.com/kb/DL2015?locale=en_US

Apple also rereleased the 10.14.6 Full Installer, Combo Update and Delta update. The new Build Version is (18G87).

3. 2019-004 High Sierra Update Removed from SUS

Apple has pulled the 2019-004 High Sierra update from the Software Update Service. It will not show up if you run softwareupdate -l or show up at the old address support.apple.com/kb/DL2012?viewlocale=en_US&locale=en_US. The download button still works when you go to Apple.com/downloads.

MrMacintosh.com - 2019-004 link on apple.com/downloads - The download button still works but the page was pulled. — 2019-004 link on apple.com/downloads – The download button still works but the page was pulled.

4. 2019-004 Sierra Update Removed from SUS.

Apple on late on Wednesday also removed the 2019-004 Sierra 10.12 Security Update. This update was removed hours after the 10.13 update was removed. The same problem must be in this update for Sierra Systems. Keep in mind only the 2016 and 2017 MacBook Pros can install Sierra 10.12.

5. BridgeOS version 16.16.6568 also removed.

If you downloaded the 2019-004 update before Apple removed it, you still would not be able to install it if you have a T2 equipped Mac. BridgeOS version 16.16.6568 with a Product ID of 041-51542 is now deprecated. When the Mac starts the installer the new BridgeOS is REQUIRED before the security update can install.

This also means you can not install the 10.13 or 10.12 2019-004 Security Update on T1/T2 Macs.

6. Check your DEP or Provision work flow. Software Update for 10.12 and 10.13 will not show previous Security Updates.

If you have a provisioning workflow where you rebuild Macs using DEP or some other type of system, you will be stuck on the current BuildVersion on the full installer BuildVersion. This means if you run a softwareupdate -iar command or have automatic updates set on, it will not receive any security updates until a fixed 2019-004 update is released.

7. Affected Mac Models

I am not totally sure the scope of this, as users have reported the issue mostly on MacBook Pro’s. Others reported this issue happening on iMacs.

I have confirmed the issue does not happen on at least one Non T1/T2 Mac. I was able to install 2019-004 on a 2017 MacBook Air and it did NOT Kernel Panic on sleep or wake.

MrMacintosh.com - Testing the issue on a 2017 Non T1/T2 Mac does not have the Kernel Panic Crashing issue. — Testing the issue on a 2017 MacBook Air

8. Problem: Kernel Panic after waking from sleep after closing the lid.

One of the Kernel Panic Reports posted from the Apple Support Post. The issue happens after you close the lid or wake the Mac from Sleep.

*** Panic Report ***

panic(cpu 0 caller 0xffffff7f88668303): “Failed to quiesce supporting devices\n”@/BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleACPIPlatform/AppleACPIPlatform-254.50.6/AppleACPIPlatformPower.cpp:1972

Backtrace (CPU 0), Frame : Return Address

0xffffff91fdf4bbb0 : 0xffffff80056e837c

0xffffff91fdf4bc30 : 0xffffff7f88668303

0xffffff91fdf4bc90 : 0xffffff7f88667ee6

0xffffff91fdf4bce0 : 0xffffff7f8866b95f

0xffffff91fdf4bd00 : 0xffffff8005cdb86e

0xffffff91fdf4bd60 : 0xffffff8005d0626e

0xffffff91fdf4bde0 : 0xffffff8005ca5c6c

0xffffff91fdf4be50 : 0xffffff8005ca2df4

0xffffff91fdf4beb0 : 0xffffff8005c9fb22

0xffffff91fdf4bef0 : 0xffffff8005c9f9a2

0xffffff91fdf4bf30 : 0xffffff8005cbb5e1

0xffffff91fdf4bf80 : 0xffffff8005cbad3c

0xffffff91fdf4bfb0 : 0xffffff8005698957

Kernel Extensions in backtrace:

com.apple.driver.AppleACPIPlatform(5.0)[65E05472-6AE7-3308-8CC8-FA6CB0DB2AEE]@0xffffff7f8865d000->0xffffff7f886bcfff

dependency: com.apple.iokit.IOACPIFamily(1.4)[4F7FB6AD-2498-3F71-827C-ED7AA4BF2511]@0xffffff7f85e8a000

dependency: com.apple.iokit.IOPCIFamily(2.9)[D5DA7B81-DCD5-39AC-8DC9-796A4D1D6A20]@0xffffff7f85e4f000

BSD process name corresponding to current thread: kernel_task

Mac OS version:

16G2127

Kernel version:

Darwin Kernel Version 16.7.0: Sun Jun 2 20:26:31 PDT 2019; root:xnu-3789.73.50~1/RELEASE_X86_64

Kernel UUID: 9778BC83-2647-3AE4-A7F2-8A2F41FA8791

ernel slide: 0x0000000005400000

rnel text base: 0xffffff8005600000

__HIB text base: 0xffffff8005500000

System model name: MacBookPro13,3 (Mac-…)

2019-004 kernel panic crashes

9. Fresh install of 10.13 + 2019-004 Security update does NOT crash on sleep!

I was able to update a 2018 T2 MacBook Pro with the 2019-004 update and BridgeOS 16.16.6568 and it does NOT crash on sleep wake. The issue is starting to look like a conflict with a Kernel Extension or piece of 3rd party software. A few of the Kernel Panic Reports were sort of pointing to Virtual box but that may be pushing it.

10. Workarounds? “Prevent computer from sleeping when display is off” & Resetting SMC

So far we at least have one or two possible workarounds that have been posted in the Apple Discussion Forums by user g–unit , synthrally and a user of MrMacintosh.com Eugene (see below)

1. Try turning on “Prevent computer from sleeping when display is off” NOTE: This option is only available for when you are plugged into power. I am not sure what will happen when you are on battery power.

I was able to get the shutdowns to stop by disabling computer sleep when display is off.
system preferences -> energy saver -> check “Prevent computer from sleeping when display is off”

Not a solution, but at least stops the annoying shutdowns until Apple can fix the issue.
Apple Discussion Forum User g–unit
discussions.apple.com/thread/250506956?answerId=250974279022#250974279022

2. Reset SMC (System Management Controller) NOTE: this only seems to help about 50% of the time. Resetting the SMC seems to work for some but not others.

I found a workaround that actually did the trick. SMC Reset, which for me was as simple as shutting down the device, unplugging the power, waiting 15 seconds, and plugging it back in. Directions called for me to wait 5 seconds before turning the power back on, but in my case it booted right up automatically after reconnecting the power cord. Specific instructions will vary depending on the device: https://support.apple.com/en-us/HT201295
Eugene – MrMacintosh.com Commenter.

I second SMC Reset solution, thanks a lot, this worked for me.
Reset the System Management Controller (SMC) on your Mac – Apple Support
synthrally – Apple Discussion Forum User.

3. Use Apple Menu > Sleep, instead of closing the lid.

I can put the display to sleep and leave the lid open without a problem. I recommend doing this if you are connected to power.
Garry144 – Apple Discussion Forum User

4. Wait until Apple Fixes the issue and then releases a new Updated Security Update.

5. Fresh reinstall of 10.13.6 and 2019-004 Security Update. NOTE: read section 8.

6. Upgrade to macOS Mojave 10.14

7. UPDATE 7/25: THIS DOES NOT FIX THE ISSUE!!! While the restore does work the system will still crash. Check to see if you tmutil created a time machine restore point in the Recovery Partition by running tmutil listlocalsnapshots /

You should see something like this

MacbookPro:~ User$ tmutil listlocalsnapshots /

com.apple.TimeMachine.2019-07-24-221041

If you have a snapshot listed you can boot to the Recovery Partition, click on Time Machine and if you have a localsnapshot listed it will look like this.

MrMacintosh.com - 2019-004 crashing Macs may be able to revert to a local snapshot — You may be able to revert back to a the previous OS Version if you can get to the localsnapshot before 24 hours.

If you have successfully reverted back you can click about this Mac to verify you are on the old build version. You can also type in sw_vers in terminal to display the BuildVersion.

MrMacintosh.com - The installer created a localsnapshot that we could revert back to. It only lasts for 24 hours. — Made it back to 17G7024

Now that we made it back to 17G7024 the question remains… Is the actual issue in the 2019-004 Security Update OR in the T1 EmbeddedOS or T2 BridgeOS? UPDATE: looks the the issue still remains. Continue reading below.

11. Reports are saying that the problem remains after reverting back to (17G7024)

A user in the Apple Discussion Forum was able to follow the above instructions and use the TM localsnapshot to revert back, but reported that he is still having the issue.

So, I reverted to the snapshot that was taken right before the update, but the problem still exists. I never saw this issue before installing the security update.
agiveygives

12. Is the problem actually in the T1/T2 Chip update?

This could very well mean that the problem is not inside the 2019-004 update code but in the T1/T2 chip update known as EmbeddedOS or BridgeOS. This would make sense since you can still install the 2019-004 update on a NON T1/T2 system and it’s fine. You can’t downgrade to a previous version of the T1/T2 Update. If this is the case you will have to wait until Apple releases the fixed 2019-004 update which includes a updated T1/T2 Update.

13. This has happened before. It’s recommended that you wait a few days before you install any update.

This is not the first time Apple has pulled an update. They pulled High Sierra and Sierra 2019-002 Security Update this past March. It’s a good idea to wait at least a few days before you update.

mrmacintosh.com/apple-replaces-2019-002-security-updates-for-10-13-and-10-12-bridgeos-updates-also-show-as-new/

I will update this post as more 2019-004 kernel panic crashes info becomes available.

macOS updates 7/22/19 – Mojave 10.14.6 – 10.13 & 10.12 (2019-004)

MrMacintosh.com - Today Apple released MacOS Mojave 10.14.6 (18G84) and Security Update 2019-004 for High Sierra 10.13 and Sierra 10.12. — Today Apple released MacOS Mojave 10.14.6 (18G84) and Security Update 2019-004 for High Sierra 10.13 and Sierra 10.12.

UPDATE: 7/31/19 – Apple Re-Released the 2019-004 High Sierra and Sierra Security Updates.

The new build numbers are

High Sierra 10.13 – 2019-004 = 17G8030
Sierra 10.12 – 2019-004 = 16G2128

You can read more about why this happened in my article here. mrmacintosh.com/apple-pulls-2019-004-high-sierra-and-sierra-security-updates-after-kernel-panics/

Today Apple released macOS Mojave 10.14.6 and Security Updates 2019-004 for High Sierra 10.13 and Sierra 10.12. If Apple’s previous update release history is any guide, 10.14.6 will be the final update for Mojave. Once macOS 10.15 Catalina is released in September, Mojave will be security patched for two more years. High Sierra will be supported for one year and Sierra will be dropped.

MacOS Mojave 10.14.6 Update (18G84)

10.14.6 Mojave Combo Update (for 10.14.0-10.14.5) – 3.37gb
https://support.apple.com/kb/DL2010

10.14.6 Mojave Delta Update (for 10.14.5) – 2.67gb
https://support.apple.com/kb/DL2011

Information on new features and fixes included in the 10.14.6 update

https://support.apple.com/en-us/HT209149

Security information for macOS Mojave 10.14.6, High Sierra 10.13 2019-004 & Sierra 10.12 2019-004

https://support.apple.com/en-us/HT210348

Enterprise Content

Addresses an issue where file-sharing connections would potentially drop.
Improves compatibility of Xsan clients when accessing volumes that use 1K or larger LUN sector sizes.

Update Notes

Makes downloaded issues available in the My Magazines section of Apple News+, both online and offline.
Adds all publications in Apple News+, including newspapers, to the catalog at the top of the News+ feed.
Adds the ability to clear downloaded magazine issues in Apple News+ by choosing History > Clear > Clear All.
Addresses an issue which prevents creation of a new Boot Camp partition on iMac and Mac mini with Fusion Drive.
Resolves an issue that may cause a hang during a restart.
Resolves a graphics issue that may occur when waking from sleep.
Fixes an issue that may cause fullscreen video to appear black on Mac mini.
Improves file-sharing reliability over SMB.

High Sierra 10.13 – 2019-004 (17G8029)

10.13.6 High Sierra Security Update 2019-004 – New BuildVersion – (17G8029) Size 1.9gb
https://support.apple.com/kb/DL2012

Sierra 10.12 – 2019-004 (16G2127)

10.12.6 Sierra Security Update 2019-004 – New BuildVersion – (16G2127) – Size 927.6mb
https://support.apple.com/kb/DL2013

Safari 12.1.2 for High Sierra & Sierra

10.13 – Safari12.1.2HighSierraAuto-12.1.2 (softwareupdate only)

10.12 – Safari12.1.2SierraAuto-12.1.2 (softwareupdate only)

Other New Updates Released

Command Line Tools for Mojave 10.14 Xcode 10.13 – 203.9mb
BridgeOS – 16.16.6568.0.0 – 366.9mb
Gatekeeper Config Data – v173 – 3.5mb

Previous Releases

Zoom Vulnerably Remediation – 14 Total variants Index of MRT Links & Info

MrMacintosh.com - Zoom Vulnerably Remediation, 14 Total variants & RCE found. Index of Zoom & MRT Links & Info — Zoom Vulnerably Remediation, 14 Total variants & RCE found. Index of Zoom & MRT Links & Info

14 total Zoom Vulnerably / Exploit variants and a RCE Remote Code Execution found!

Just when you had enough of the first Zoom Vulnerably, Apple released MRTConfigData 1.46 (now 1.47!) to deal with 14 total variants and a Remote Code Execution (RCE) . I created this Index of MRT Links & Info to help you get through the confusion.

Jonathan Leitschuh reported the first vulnerably in Zoom. I wrote an article talking about this and how to remediate the RCE and Conferencing Video Bug here.

UPDATED: 07/18/19 – MRTConfigData 1.47 released and 3 more Zoom variants! Brings the total to 14.

MRT Malware Removal Tool Index

1. List of zoom opener variants and MRT versions
2. MRTConfigData Compatible OS versions.
3. Software Update & MRT Commands
4. Malware Removal Tool Documentation
5. Caveats of installing MRTConfigData and how the MRT scan works differently in 10.14 vs 10.13
6. Other ways to install MRT updates
7. Digging into the MRT Binary
8. More questions, Problems and Errors
9. Links to scripts and other MacAdmin articles
10. Disclaimer

1. List zoom opener variants and MRT Versions

How do we even know which variants are included in MRTConfigData v1.45 and v1.46? (Now 1.47!) The only way to find out is to dig into the MRT Binary Code. I talk about how I found the new variants a little more in section 7 below.

We now have 14 new Zoom Opener variants to worry about. Each one is a hidden folder listed in your user folder!

MRT Versions

1. MRTConfigData v1.45 – 7/10/19
2. MRTConfigData v1.46 – 7/16/19
3. MRTCOnfigData v1.47 -7/18/19

Zoom Variants

1. /.zoomus – 1.45
2. /.ringcentralopener – 1.46
3. /.telusmeetingsopener– 1.46
4. /.btcloudphonemeetingsopener– 1.46
5. /.officesuitehdmeetingopener– 1.46
6. /.attvideomeetingsopener– 1.46
7. /.bizconfopener– 1.46
8. /.huihuiopener – 1.46
9. /.umeetingopener– 1.46
10./.zhumuopener– 1.46
11./.zoomcnopener– 1.46
12./.earthlinkmeetingroomopener – 1.47
13./.videoconferenciatelmexopener – 1.47
14./.accessionmeetingopener – 1.47

2. MRTConfigData Compatible OS versions.

You can run the MRTConfigData update on the following macOS versions.

Mojave 10.14
High Sierra 10.13
Sierra 10.12
El Capitan 10.11 (Note: You can only use softwareupdate -ia --background as the --include-config-data option was new in Sierra 10.12)

3. Software Update & MRT Commands

Let’s get right to it, here are the commands again if you want to remediate right now!

1. Check for config data updates: /usr/sbin/softwareupdate -l --include-config-data
2. Manual Install of MRT v1.47: /usr/sbin/softwareupdate -i MRTConfigData_10_14-1.47 --include-config-data
3. Verify Version of MRT: /usr/bin/defaults read /System/Library/CoreServices/MRT.app/Contents/Info.plist CFBundleShortVersionString
4. Force Run MRT.app in Agent mode: /System/Library/CoreServices/MRT.app/Contents/MacOS/MRT -a

If MRT finds Zoom the manual scan will look like this.

MrMacintosh.com - A manual MRT -a agent scan found ZoomOpener and deleted it. — A manual MRT -a agent scan found ZoomOpener and deleted it.

4. Malware Removal Tool Documentation

Apple has not documented how the MRT Scan works. The MRT Tool is called out with just a few lines in the macOS Security Overview for IT.

MrMacintosh.com - macOS Security Overview for IT 2018 — macOS Security Overview for IT 2018

Apple refers to MRT updates as “Silent or Quiet Update” when referenced in the media. The MRT Binary doesn’t have a MAN page or a -help section. Targeted malware variants are not documented. Sounds like a job for #MacAdmins!!!

5. Caveats of installing MRTConfigData and how the MRT scan works differently in 10.14 vs 10.13

You need to know about a few caveats with this process. I have tested the installation and scan multiple times and found differences in each OS! Let’s start with Mojave 10.14 then move to High Sierra 10.13.

MRT in Mojave 10.14.5

When you manually install the MRTConfigData update the MRT.app will automatically run a MRT Scan!
You only have to worry about other users who may have installed any of the opener variants as the MRT Scan only runs for the logged in user only.
A restart and Logout/Login will kick off a manual MRT Scan.
You can run a script that Rich wrote that will remove zoom from all logged in users.
github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/fix_zoom_vulnerability

MRT in High Sierra 10.13.6

A reboot will kick of a MRT Scan
A logout and login will kick off an MRT Scan
When you manually install the MRTConfigData update the MRT Scan will NOT run automatically!!!
You will need to run the MRT.app agent scan manually to remove any zoom variants.

TLDR: Installing MRTConfigData in 10.14 automatically kicks off the MRT.app scan, while in 10.13 the MRT scan does NOT run automatically.

H/T to @howardnoakley and @alvarnell for pointing out that after installing MRTConfigData the MRT Scan kicks off automatically. I did not know it at the time but they were testing in 10.14. All my testing was on 10.13, so thats why I was getting different results!

6. Other ways to install MRT updates

If you are on Mojave 10.14.5 you will automatically get the MRTConfigData update as long as you have the following SoftwareUpdate Settings set to ON.

MrMacintosh.com - Software Update - Required settings to get "System Data Files and Security Updates" — Software Update – Required settings to get “System Data Files and Security Updates”

As long as you have these settings set to ON your Mac should automatically check in for new updates and install them every 24 hours.

For the com.appleSoftwareUpdate.plist file you need the following settings set to ON.

/Library/Preferences/com.appleSoftwareUpdate.plist

AutomaticCheckEnabled = 1
AutomaticDownload = 1
ConfigDataInstall = 1
CriticalUpdateInstall = 1

If you want to install all background updates now without waiting you can issue the following command.

sudo softwareupdate --background --include-config – Only background updates

sudo softwareupdate -ia --include-config-data – Background updates AND OS level Updates

NOTE! The -ia option will install ALL available software updates including Combo, Safari and Security Updates.

The above commands will only install Xprotect updates if you have all the automatic software update settings set to ON.

7. Digging into the MRT Binary

Apple does not list the targeted malware variants anywhere, so the only way to find them is to dig into the MRT Binary Code. You cant just open the code inside MRT as it has thousands of lines of code. You have to first compare the current version to the old one. This will give you the first clues, as each piece of malware is given a code. In this case it was MACOS.354c063.

Now that we have the Malware Family ID we can then search the MRT Binary using a disassembler application. A disassembler like Hopper is used to view the actual code of the new MRT binary.

MrMacintosh.com - The actual code calling out /.zoomus/ZoomOpener.app — BINGO!!! The actual code calling out /.zoomus/ZoomOpener.app

8. More questions, Problems and Errors

We still have questions about how the MRT works especially the MRT -d or daemon mode. I have even reached out to Apple for an answer on this.

Howard Oakley wrote a great article looking into this.

eclecticlight.co/2019/07/13/what-happened-when-mrt-was-updated-and-what-mrt-does/

This is the best information we have so far.

Problems and Errors

Trying to run a manual update and scan can cause some problems in certain situations.

1. Running /usr/sbin/softwareupdate -i MRTConfigData_10_14-1.47 --include-config-data shows

Result of command:
MRTConfigData_10_14-1.46: No such update
No updates are available.

If this happens run /usr/sbin/softwareupdate -l --include-config-data first.

2. Running the MRT Scan from a script shows

MRT Scan failedToReceiveProfileList

You will need to run MRT in 10.14 as the logged in user.

MrMacintosh.com - Running MRT in agent mode as the logged in user. — Running MRT in agent mode as the logged in user.

9. Links to scripts and other MacAdmin articles

CVE-Numbers
DOS Vulnerability — Fixed in Client version 4.4.2 — CVE-2019–13449
Information Disclosure (Webcam) — Zoom —CVE-2019–13450
The Zoom Client before 4.4.53932.0709 on macOS allows RCE remote code execution – CVE-2019-13567

Apple.com – About background updates in macOS Mojave Your Mac automatically installs background updates for the security configuration and data files used by macOS. – support.apple.com/en-us/HT207005
Apple.com – macOS Security Overview for IT – 2018 – apple.com/business/resources/docs/macOS_Security_Overview.pdf

Jonathan Leitschuh – twitter.com/jlleitschuh – Medium.com – A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 companies around the world that use Zoom to conduct day-to-day business. – medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5

Howard Oakley – twitter.com/howardnoakley – eclecticlight.co – Howard really dug into this when it first came out writing multiple articles on the zoom exploit. He also has multiple applications that he wrote that will help you, including one called SilentKnight that will tell you if all your XProtect definitions are up to date.
eclecticlight.co/2019/07/09/zoom-videoconferencing-could-expose-your-mac/
eclecticlight.co/2019/07/10/apple-has-pushed-an-update-to-mrt-to-remove-zooms-hidden-web-server/
eclecticlight.co/2019/07/13/what-happened-when-mrt-was-updated-and-what-mrt-does/
eclecticlight.co/2019/07/14/last-week-on-my-mac-does-anyone-here-know-about-mrt/
eclecticlight.co/2019/07/18/how-to-check-that-your-mac-is-free-of-zoom-and-similar-web-servers/

Rich Trouton – twitter.com/rtrouton – derflounder.wordpress.com – Rich has written the best script yet to remediate the Zoom venerability on all user accounts.
derflounder.wordpress.com/2019/07/10/zoom-vulnerability-and-remediation-script/
derflounder.wordpress.com/2019/07/13/zhumu-vulnerability-and-remediation/
derflounder.wordpress.com/2019/07/16/additional-zoom-remediation-from-apple-via-mrt/
github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/fix_zoom_vulnerability

Karan Lyons – twitter.com/karanlyons – Github
Fix for Zoom, RingCentral, Zhumu (and possibly more) RCE vulnerabilities – gist.github.com/karanlyons/1fde1c63bd7bb809b04323be3f519f7e

Assetnote.io – Deep dive on how the RCE and Zoom exploit works. blog.assetnote.io/bug-bounty/2019/07/17/rce-on-zoom/

Jamf Nation Discussion Forum – Zoom Exploit – jamf.com/jamf-nation/discussions/32561/zoom-exploit

My article on the Zoom Exploit – mrmacintosh.com/how-to-remediate-the-zoom-vulnerability-with-apple-malware-removal-tool

TheVerge.com – theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras

Blue Jeans Response – support.bluejeans.com/s/article/BlueJeans-Detector-Service

Macadmins.slack.com – You can also talk about the Zoom Vulnerability and join the #zoom channel or #security in MacAdmins Slack.

10. Disclaimer

I tried to test and research as much as possible to save you time. I hope this Index of MRT Links & Info helps you, but since this issue revolves around security please double check and test before you deploy. After deployment check again that the files inside the opener are in fact deleted.

Index of MRT Links & Info

https://twitter.com/howardnoakley?lang=en

Apple Releases Forth Beta of macOS Catalina 10.15 (19A512f) Beta 4

MrMacintosh.com - macOS Catalina 10.15 (19A512f) Beta 4 — macOS Catalina 10.15 (19A512f) Beta 4

Today Apple released macOS Catalina 10.15 (19A512f) Beta 4 to Developers.

MacOS Catalina 10.15 (19A512f) Beta 4 was released today July 16th, 2019 at 12:00 CST. I have included a summary of what is new/changed in Beta 4 compared to Beta 3. Like usual, I also have included the entire patch notes list as an archive. When Apple releases the Beta 5 patch notes, the previous patch notes are overwritten.

Summary of Beta 4 Changes

I have gone through both Beta 3 and the new Beta 4 notes and took out all the new entries in Beta 4. This is a summary of changes from 10.15 Catalina Beta 3 – Beta 4.

2 New Deprecations
8 New Features
19 New Known Issues
23 New Resolved issues

1. New Deprecations in Beta 4

The identified(by:) method on the Collection protocol is deprecated in favor of dedicated List(:id:) and ForEach(:id:) initializers. (52976883)
The relativeWidth(:), relativeHeight(:), and relativeSize(width:height:) modifiers are deprecated. Use other modifiers like frame(minWidth:idealWidth:maxWidth:minHeight:idealHeight:maxHeight:alignment:) instead. (51494692)

2. New Features in Beta 4

All URLSessionTask instances with a GET HTTP method which contain a body will now produce the error NSURLErrorDataLengthExceedsMaximum. (46025234)
The EnvironmentValues structure has four new properties for reading accessibility values from the environment: accessibilityDifferentiateWithoutColor, accessibilityReduceTransparency, accessibilityReduceMotion, and accessibilityInvertColors. (51712481)
The color(🙂 modifier is renamed foregroundColor(🙂 for consistency with the more general foregroundColor(_:) modifier. (50391847)
The BindableObject protocol’s requirement is now willChange instead of didChange, and should now be sent before the object changes rather than after it changes. This change allows for improved coalescing of change notifications. (51580731)
The Collection protocol is extended to include a remove(atOffsets:) method and the MutableCollection protocol is extended to include a move(fromOffsets:toOffset:) method. Each new method takes IndexSet instances that you use with the onMove(perform:) and onDelete(perform:) modifiers on ForEach views. (51991601)
Added improved presentation modifiers: sheet(isPresented:onDismiss:content:), actionSheet(isPresented:content:), and alert(isPresented:content:) — along with isPresented in the environment — replace the existing presentation(_:), Sheet, Modal, and PresentationLink types. (52075730)
Updated the APIs for creating animations. The basic animations are now named after the curve type — such as linear and easeInOut. The interpolation-based spring(mass:stiffness:damping:initialVelocity:) animation is now interpolatingSpring(mass:stiffness:damping:initialVelocity:), and fluidSpring(stiffness:dampingFraction:blendDuration:timestep:idleThreshold:) is now spring(response:dampingFraction:blendDuration:) or interactiveSpring(response:dampingFraction:blendDuration:), depending on whether or not the animation is driven interactively. (50280375)
Added an initializer for creating a Font from a CTFont. (51849885)

3. New Known Issues in Beta 4

General – macOS Catalina beta 4 does not support the MacBook Air model released in Summer 2019. A future beta of Catalina will add support for MacBook Air (Retina, 13-inch, 2019).
Airdrop – AirDrop doesn’t work when a VPN is connected with the includeAllNetworks and excludeLocalNetworks options enabled.Workaround: Disconnect the VPN before using AirDrop. (52618489)
DriverKit – DriverKit drivers don’t build in macOS Catalina beta 4. Continue using beta 3 for DriverKit development. (52858797)
EndpointSecurity – High frequency AUTH events such as ES_EVENT_TYPE_AUTH_READLINK triggered by logd might cause the client to become unresponsive. (52211117)
EndpointSecurity – The es_mute_process(:🙂 interface doesn’t mute processes. (53017708)
EndpointSecurity – es_copy_message(_:) isn’t functional. (53013028)
iCloud – If you’re using iCloud Desktop and Documents and documents saved to your Desktop aren’t appearing, turn iCloud Drive off and then on again. (51569326, 52731989)
iWork – Attempting to open iWork documents in Finder will unexpectedly create a .cpgz file if the corresponding iWork app isn’t installed. (40693892)Workaround: Install the corresponding app from the App Store before opening the document.
Localization – Certain languages might exhibit clipped or misaligned layout. (51068688,50983852)
Localization – Certain languages might display unlocalized text. (47765173,51196633)
Mac Catalyst – AppKit and Mac Catalyst apps are currently view-only clients of PencilKit. (51146823)
Mac Catalyst – When your Mac Catalyst app is launched directly into the background, it experiences all the state transitions of a regular app launch — such as application(:didFinishLaunchingWithOptions:) and applicationDidBecomeActive(🙂 — followed by state transitions to return to background state from there — applicationWillResignActive(🙂 and applicationDidEnterBackground(:). This will soon be updated to match iOS, where your app will receive only applicationDidFinishLaunching(_:), and only if it wasn’t already running. (50742219)
Mac Catalyst – For Mac Catalyst apps to save to Photos Library, explicitly linking the Photos framework is required. (50781430)
Mac Catalyst – Opening a CloudKit share URL might not launch a Mac Catalyst app that’s present on the system. Additionally, the system might not take the user to the appropriate App Store page to download an app which isn’t present on the system. (50877241)
Mac Catalyst – All assets at 3x scale factor are currently ignored when compiling the asset catalog for Mac Catalyst apps. Because the search begins with the universal asset, assets for a specific memory or graphics class won’t be found. For example, if you provide an image and only give a 6GB and Metal 5v1 asset, it won’t be found at runtime. It’s recommended that you provide all images as vectors to allow generation of the correct scale factors, or at minimum provide 2x versions of the assets. If you’re classifying resources based on memory and graphics families then you should provide “Any Memory” and “Any Graphics”. (51033745)
Mac Catalyst – When creating a Mac Catalyst app from your iPad app, Xcode automatically generates a unique Mac bundle identifier. If you have an existing Mac bundle identifier you’d prefer to use, you can do so by using manual signing in Xcode. (51076014)
Privacy – Apps that previously asked for access to services in the System Preferences > Security & Privacy > Privacy pane might ask for approval again after updating to macOS Catalina beta 4. (51312574)
Security – Opening some .dmg files signed before June 1, 2019 using a Developer ID might incorrectly display an error message. All .dmg files signed using a Developer ID after June 1, 2019 must be notarized. For more information about notarization, see Notarizing Your App Before Distribution. (52234399)Workaround: Control-click the .dmg file in Finder and choose Open.
SwiftUI – Using Xcode 11 beta 3 with macOS Catalina beta 4 prevents SwiftUI previews from working. Update to Xcode 11 beta 4 when it becomes available. (52082331)

4. New Resolved Issues in Beta 4

General – You can unlock a Mac that has Activation Lock enabled when you use Recovery Assistant to erase it when reinstalling macOS. (52017040)
General – You no longer see only third-party applications when you click the Applications shortcut in the Finder sidebar if you used Migration Assistant to migrate your data to a Mac running macOS Catalina beta. (51651200)
Airdrop – VoiceOver feedback sounds are available while in macOS Recovery. (48218068)
App Store – Apps such as Final Cut Pro, Motion, Compressor, and iMovie can consistently be found using Search. (51245576)
Books – Audio books appear correctly after migrating. (50823065)
Books – You can consistently import books into your library. (50962112)
Books – Locally downloaded cloud items don’t move back to iCloud after upgrading to macOS Catalina beta. (51306790)
Core Media – You no longer see unexpected results when creating 10-bit HEVC video content. (50322535)
EndpointSecurity – Your Mac starts correctly when an EndpointSecurity extension that contains the NSEndpointSecurityEarlyBoot key is installed and then uninstalled. (52010655)
Final Cut Pro – You can consistently access content from your Photos library. (51600540)
iCloud – All of your iCloud Drive data is consistently present after upgrading to macOS Catalina beta. (51787170, 51950018)
iCloud – Documents download correctly in iCloud Drive. (52295165)
Mac Catalyst – Apps no longer launch in the foreground without user input if the app uses APIs that might result in a background launch. (51287556)
Mac Catalyst – The UIGraphicsRenderer class’s default() function no longer returns the nonextended color range renderer format by default. (51303954)
Mac Catalyst – The UIDevice class’s name properly reports itself in Mac Catalyst apps. (51304085, 49792004)
Music – Music launches at the expected speed. (51207753)
Networking – An active Network Extension content filter configuration no longer interrupts the boot process indefinitely following a kernel panic. (50965627)
Podcasts – Writing a review behaves as expected. (46173722)
Spotlight – Drives formatted using exFAT and FAT are searchable using Spotlight. (52271781)
SwiftUI – View modifier methods return opaque views (some View) rather than complex generic types. (46140669)
SwiftUI – ScrollView instances always size themselves as expected for their content. (49204262)
SystemExtensions – Approving system extensions using Mobile Device Management is now available. (50553712)
Voice Memos – Location-based naming is now available. (48048663, 50743045)

Report your bugs NOW!

Now that 10.15 Beta is live, be sure you begin testing as soon as you can. You will want to get any bugs that you find into Apple now. If you get them in now, they could be fixed in the current beta cycle instead of waiting until after September’s release date. If you wait it could be months before the fix is put into a dot release combo update.

Link to Apple’s Public Developer Documentation

developer.apple.com/documentation/macos_release_notes

Previous 10.15 Beta Releases

4th macOS Catalina 10.15 Beta 4 (19A512f) – 07/17/19 – Current Relase
3rd macOS Catalina 10.15 Beta 3 (19A501i) – 07/02/19 – Release Notes
2nd macOS Catalina 10.15 Beta 2 (19A487l) – 06/17/19 – Release Notes
1st macOS Catalina 10.15 Beta 1 (19A471t) – 06/03/19 Release Notes

How to download macOS 10.15 Catalina beta releases

Sign up Public Beta – Apple Beta Software Program
Sign up as an Apple Developer (Yearly $100)
Contact your Apple SE to join AppleSeed for IT

Full 10.15 (19A512f) Beta 4 Patch/Release Notes

I always post the full macOS 10.15 Beta 4 patch notes to this page to document them for you. The reason behind that is that Apple will usually just replace over the old patch notes so you are then unable to see what was fixed in the previous release.

Overview

The macOS 10.15 SDK provides support for developing apps for Macs running macOS Catalina 10.15. The SDK comes bundled with Xcode 11 beta available from Beta Software Downloads. For information on the compatibility requirements for Xcode 11, see Xcode 11 Beta 3 Release Notes.

General

New Features

Installing third party kernel extensions now requires that you restart your Mac before they’re permitted to load. (50340461)

Known Issues

macOS Catalina beta 4 does not support the MacBook Air model released in Summer 2019. A future beta of Catalina will add support for MacBook Air (Retina, 13-inch, 2019).
WarningYour Secure Token might be lost if FileVault is enabled on a non-APFS formatted volume while upgrading to macOS 10.15. You might be able to work around this by disabling FileVault before upgrading to macOS 10.15, then reenabling FileVault once the upgrade has completed. (51091312)
During installation of macOS 10.15 you might be prompted to enter your administrator password multiple times to allow installation to proceed. (51206649)

Resolved Issues

You can unlock a Mac that has Activation Lock enabled when you use Recovery Assistant to erase it when reinstalling macOS. (52017040)
You no longer see only third-party applications when you click the Applications shortcut in the Finder sidebar if you used Migration Assistant to migrate your data to a Mac running macOS Catalina beta. (51651200)
Apps consistently relaunch after installation or applying an update. (51228752)

Deprecations

macOS frameworks are now thinned for the x86-64 architecture. Apps that execute i386 code now fail with the EBADARCH error code. The remaining stub frameworks are nonfunctional and exist only for compatibility purposes. (51236070)

Accessibility

Resolved Issues

VoiceOver feedback sounds are available while in macOS Recovery. (48218068)

AirDrop

Known Issues

AirDrop doesn’t work when a VPN is connected with the includeAllNetworks and excludeLocalNetworks options enabled.Workaround: Disconnect the VPN before using AirDrop. (52618489)

App Store

Known Issues

You might receive an error when downloading or updating apps. (49755328)Workaround: Sign out of your account using the Store menu, then sign back in and retry your download.

Resolved Issues

Apps such as Final Cut Pro, Motion, Compressor, and iMovie can consistently be found using Search. (51245576)

Apple CryptoKit

Resolved Issues

Users are prompted to authenticate when using the SecureEnclave API with access control set on keys. (51279188)

Apple TV

Known Issues

Support for signing in with an account from a different country is currently unavailable. (51240948)

AppleEvents

New Features

To enhance security, AppleEvents and AppleScripts that target an app on a remote system must authenticate as the same user on the remote system. An AppleEvent that targets an app running as a different user receives a procNotFound error.To allow remote AppleEvents to target apps in any user session, run the following command in Terminal on the server:defaults write /Library/Preferences/com.apple.AEServer RestrictAccessToUserSession -bool falseThen disable and reenable Remote Apple Events in System Preferences > Sharing. (5353592)

Audio

New Features

You can now enable voice processing mode on AVAudioEngine. (50906329)
You can use new AVAudioNode types to wrap a user-defined block for sending or receiving data in real-time.
A new method is available for an AVAudioEngine based app to retrieve a list of all nodes attached to an AVAudioEngine instance.
A new rendering mode in AVAudioEnvironmentNode selects the best spatial audio rendering algorithm automatically based on the output device.
A new AVAudioSession property allows system sounds and haptics to play while the session is actively using audio input.
A new property, AVAudioSession.PromptStyle informs apps which style of voice prompt they should play based on other audio activity in the system.
The AVAudioSession.RouteSharingPolicy enumeration is extended to allow apps to specify route sharing policies so their audio and video is routed to the same location as AirPlay.
Audio Unit Extensions now support user presets that are available across all host apps.

Deprecations

The OpenAL framework is deprecated and remains present for compatibility purposes. Transition to AVAudioEngine for spatial audio functionality.
AUGraph is deprecated in favor of AVAudioEngine.
Inter-App audio is deprecated. Use Audio Units for this functionality.
Carbon component-based Audio Units are deprecated and support will be removed in a future release.
Legacy Core Audio HAL audio hardware plug-ins are no longer supported. Use Audio Server plug-ins for audio drivers.

AVFoundation

New Features

AVFoundation now supports encoding video with alpha channels using HEVC. Videos encoded in this manner are broadly supported in AVFoundation APIs and by Safari within web pages. Technical details of the format can be found in the Interoperability Profile specification. (8045917)

Deprecations

The previously deprecated 32-bit QuickTime framework is no longer available in macOS 10.15.
The symbols for QTKit, which relied on the QuickTime framework, are still present but the classes are non-functional.

Books

Resolved Issues

Audio books appear correctly after migrating. (50823065)
You can consistently import books into your library. (50962112)
Locally downloaded cloud items don’t move back to iCloud after upgrading to macOS Catalina beta. (51306790)
If the ‘Restrict books with explicit content’ setting is enabled, your purchased books are no longer unexpectedly hidden. (51602141)
Books stored in iCloud Drive appear without delay in your Library. (51435740, 50776390)

Camera

Known Issues

Apps using Picture Taker must specify the NSCameraUsageDescription key to access the FaceTime camera. (47916725)

Console

Resolved Issues

Applying a filter to console messages consistently succeeds. (51524242)

Core Image

New Features

The init(imageURL:options:) and init(imageData:options:) initializers no longer support RAW decoder versions earlier than 6. Version 6 and later remain supported. (50911303)
Added new APIs for instantiating and modifying the built-in Core Image filters.
The CICoreMLModel filter is enhanced to support models with an input or output of type MLFeatureType.multiArray.
Metal CIKernel instances now support arguments with arbitrarily structured data.
Metal CIKernel instances now support returning a group of two by two pixels.
The integer values of CIFormat symbols, such as ARGB8, have changed to a new set of values which are consistent across platforms. The former values remain supported for backward compatibility; however, you should avoid dependancies on specific numerical values.

Core Media

Resolved Issues

You no longer see unexpected results when creating 10-bit HEVC video content. (50322535)

Device Management

Resolved Issues

Sending a Volume Purchase Program download request to a client from a Mobile Device Management server might cause an authorization dialog to appear on the client. (49376544)

DriverKit

Known Issues

DriverKit drivers don’t build in macOS Catalina beta 4. Continue using beta 3 for DriverKit development. (52858797)

Resolved Issues

The Filter Packet network extension type and NWEthernetChannel API now work with network interface drivers implemented using DriverKit. (48709552)

EndpointSecurity

Known Issues

High frequency AUTH events such as ES_EVENT_TYPE_AUTH_READLINK triggered by logd might cause the client to become unresponsive. (52211117)
The es_mute_process(_:_:) interface doesn’t mute processes. (53017708)
es_copy_message(_:) isn’t functional. (53013028)

Resolved Issues

Your Mac starts correctly when an EndpointSecurity extension that contains the NSEndpointSecurityEarlyBoot key is installed and then uninstalled. (52010655)
The exec and open events are cached and invalidated correctly when the file is manipulated. (45497117)
The cache flag for es_respond_auth_result(_:_:_:_:) and es_respond_flags_result(_:_:_:_:) is no longer ignored. (49071387)
EndpointSecurity system extensions have access to early boot events. (49487645)
The original_ppid field of es_process_t is set properly. (50746916)

Deprecations

The kauth API will be removed in a future release. (50419013)

FileVault

Resolved Issues

Password reset for FileVault volumes from macOS Recovery functions as expected. (50455695)

Final Cut Pro

Resolved Issues

You can consistently access content from your Photos library. (51600540)

Finder

Resolved Issues

Finder no longer quits unexpectedly when you try to restore using the Time Machine interface. (49398715)
Files can be copied from and deleted on an iOS device using the Files tab in Finder. (48649759)
You can now download folders from iCloud properly. (50855741)
When iCloud Desktop is enabled, attempting to drag a volume mounted on the desktop no longer results in the volume being copied to the Desktop. (51187890)

iCloud

Known Issues

If you’re using iCloud Desktop and Documents and documents saved to your Desktop aren’t appearing, turn iCloud Drive off and then on again. (51569326, 52731989)
The Cloud Files section in About This Mac > Storage > Manage might inaccurately represent the current state of files on your Mac. (50362095)
Even when Optimize Storage is switched off, iCloud Drive might fail to automatically download all files. (50667204)Workaround: Download files individually.
When creating a new Pages, Numbers, or Keynote document in a shared folder, you might see the message “Couldn’t connect to iCloud”. (50827963)Workaround: Close and reopen the document.

Resolved Issues

All of your iCloud Drive data is consistently present after upgrading to macOS Catalina beta. (51787170, 51950018)
Documents download correctly in iCloud Drive. (52295165)
There are no longer multiple empty Application libraries within iCloud Drive. You can safely remove any empty folders. (51635803)
The content of folders inside an iCloud Shared Folder is available to other users viewing your shared folder. (51591135)
Turning off the Siri switch in iCloud settings correctly stops Significant Locations from syncing. (50908297)
Pages, Numbers, and Keynote documents in shared folders correctly show an error message when you try to access them from iCloud.com. (50738067)

iWork

Known Issues

Attempting to open iWork documents in Finder will unexpectedly create a .cpgz file if the corresponding iWork app isn’t installed. (40693892)Workaround: Install the corresponding app from the App Store before opening the document.

Localization

Known Issues

Certain languages might exhibit clipped or misaligned layout. (51068688,50983852)
Certain languages might display unlocalized text. (47765173,51196633)

Mac Catalyst

Known Issues

MPMediaPickerController might not display the contents of your library. (51785735)
AppKit and Mac Catalyst apps are currently view-only clients of PencilKit. (51146823)
In order to show a share sheet from a toolbar item using the UIActivityViewController, create the NSToolbarItem using the init(itemIdentifier:)initializer and pass it a UIBarButtonItem configured as a UIBarButtonItem.SystemItem.action. There is no need to set the barButtonItem property. (47292316)
The UIScreen class’s isCaptured API isn’t currently supported. (48360589)
The current property on UIDevice and the OS Product Name is currently returned as iOS rather than macOS, which can affect diagnostic logs generated by your system. (49792004)
Event handling in extension contexts may produce unexpected results, including failure to deliver trackpad pinch and zoom gestures. (50145462)
When sending Mail attachments via MessageUI, each attachment might appear as two icons when viewed by the recipient. (50369995)
Controls drawn with accent color incorrectly maintain their active color when the window is inactive. There is no need to work around this in your app. (50563638)
The UIKit module currently doesn’t import the newly added NSToolbar and NSTouchBarheaders, NSToolbar+UIKitAdditions.h and NSTouchBar+UIKitAdditions.h. You can import these headers directly in Objective-C, or you can create a bridging header to import them for Swift. Be sure to import Foundation before importing these headers. (50704322)
When your Mac Catalyst app is launched directly into the background, it experiences all the state transitions of a regular app launch — such as application(_:didFinishLaunchingWithOptions:) and applicationDidBecomeActive(_:) — followed by state transitions to return to background state from there — applicationWillResignActive(_:) and applicationDidEnterBackground(_:). This will soon be updated to match iOS, where your app will receive only applicationDidFinishLaunching(_:), and only if it wasn’t already running. (50742219)
For Mac Catalyst apps to save to Photos Library, explicitly linking the Photos framework is required. (50781430)
Opening a CloudKit share URL might not launch a Mac Catalyst app that’s present on the system. Additionally, the system might not take the user to the appropriate App Store page to download an app which isn’t present on the system. (50877241)
Action and share extensions might exhibit visual anomalies. (51005363)
All assets at 3x scale factor are currently ignored when compiling the asset catalog for Mac Catalyst apps. Because the search begins with the universal asset, assets for a specific memory or graphics class won’t be found. For example, if you provide an image and only give a 6GB and Metal 5v1 asset, it won’t be found at runtime. It’s recommended that you provide all images as vectors to allow generation of the correct scale factors, or at minimum provide 2x versions of the assets. If you’re classifying resources based on memory and graphics families then you should provide “Any Memory” and “Any Graphics”. (51033745)
CallKit CXAction instances might return an error. (51074735)
When creating a Mac Catalyst app from your iPad app, Xcode automatically generates a unique Mac bundle identifier. If you have an existing Mac bundle identifier you’d prefer to use, you can do so by using manual signing in Xcode. (51076014)Follow these steps to configure your project, AppID, and provisioning profile:

Sign in to Apple Developer, then select Certificates, Identifiers, and Profiles.
In the Identifiers section, select your iOS app identifier to edit.
Check the Mac Catalyst capability to enable it, then click the Configure button.
Choose Use an existing macOS AppID and select the identifier you’d like to use from the popup menu. Click the Save button to finish editing your AppID.
In the Profiles section, click the + button to create a new profile, select ‘macOS App Development’, and click Continue.
Select your iOS AppID from the popup, click Continue, and complete the rest of the profile creation flow. When finished, click the Download button.
In Xcode, select your project to view the Project Editor and select your app’s target. Then select the Build Settings tab.
Set the Derive Mac Catalyst Product Bundle Identifier setting to No.
Expand the Product Bundle Identifier build setting to view its configurations. Next to the Debug configuration, click the + button to add a conditional value.
For the build setting condition, select Any macOS from the popup menu. Edit the value of the conditional build setting to match the macOS bundle identifier you want to use. Repeat this step for all configurations in your project.
In the Signing & Capabilities tab, uncheck Automatically manage signing.
For your macOS app, select Import Profile from the Provisioning Profile popup and then select the profile you downloaded earlier.

Resolved Issues

Apps no longer launch in the foreground without user input if the app uses APIs that might result in a background launch. (51287556)
The UIGraphicsRenderer class’s default() function no longer returns the nonextended color range renderer format by default. (51303954)
The UIDevice class’s name properly reports itself in Mac Catalyst apps. (51304085, 49792004)
You can now import AppKit and UIKit modules in the same compilation unit. (48094910)
The completion handler is no longer invoked with an error when donating interactions using the INInteraction class on macOS. (48371526)
The productsRequest(_:didReceive:) method from StoreKit currently returns with didFailWithError and products aren’t loaded. (51028870)
MTKView objects might render correctly. (51084042)

Mail

Known Issues

If your Mac contains both macOS Mojave 10.14 and macOS 10.15 volumes, you might experience issues searching in Mail. (46611310)Workaround: While running macOS Mojave 10.14, open Terminal and execute the following command:sudo touch /.metadata_never_index_unless_rootfsReboot into macOS 10.15, open Terminal and execute the following command:sudo touch /System/Volumes/Data/.metadata_never_index_unless_rootfsReboot into macOS Mojave 10.14, open Terminal and execute the following command:sudo mdutil -E /Depending on the size of your Mail database, it might take many hours to reindex all content.

Music

Known Issues

Navigating using the back button might produce unexpected results. (51248128)
You might be unable to scroll content on shelves. (51248128)
Artwork changes might not immediately appear; playlists will be added in an upcoming beta. (51201715)
Music might not remember the previously selected tab when it’s relaunched. (50922604)

Resolved Issues

Music launches at the expected speed. (51207753)
You can log into the store regardless of whether you’re logging in from the country in which you’re currently located. (51105585)

Networking

New Features

All URLSessionTask instances with a GET HTTP method which contain a body will now produce the error NSURLErrorDataLengthExceedsMaximum. (46025234)

Known Issues

The NWEthernetChannel API doesn’t currently support VLAN interfaces. NEPacketTunnelProvider will see both tagged and untagged frames arriving on physical interfaces. Depending on the Ethernet driver, VLAN tags might be processed by hardware and thus stripped off the Ethernet frames thus NEPacketTunnelProvider won’t see the VLAN tag. (51275655)

Resolved Issues

An active Network Extension content filter configuration no longer interrupts the boot process indefinitely following a kernel panic. (50965627)

Deprecations

Support for FTP and File URL schemes for Proxy Automatic Configuration (PAC) is removed. HTTP and HTTPS are the only supported URL schemes for PAC. This affects all PAC configurations including but not limited to configurations set using Settings, System Preferences, profiles, URLSession APIs such as connectionProxyDictionary, and CFNetworkExecuteProxyAutoConfigurationURL(_:_:_:_:). (28578280)
SPDY support is removed from the URLSession and NSURLConnection APIs. Servers should use HTTP 2 or HTTP 1.1. (43391641)
The Network Kernel Extension API is now deprecated. (49284108)
NetBIOS is disabled in macOS 10.15 to speed up mounting, browsing, and connecting to SMB shares. Some older printers and file servers may require NetBIOS to connect. (51119111)To enable NetBIOS, you can create or edit the /etc/nsmb.conf file. If your system doesn’t already have an /etc/nsmb.conf file, use the following Terminal commands while logged in as an Administrator:echo "[default]" | sudo tee -a /etc/nsmb.conf echo "port445=both" | sudo tee -a /etc/nsmb.confTo disable NetBIOS, you can safely delete the /etc/nsmb.conf file.

Photos

New Features

To improve the Photos upgrade experience, Photos is testing database upgrades using a clone of the Photo Library. This clone doesn’t include the content of each photo, but does include faces metadata and a thumbnail image of each person in your library. It also contains metadata such as the asset name and the geographic location of the photo. It is created at ~/Pictures/macOS 10.15 Pre-Upgrade Backup, and you can manually remove this backup at any time. The clone will be removed automatically before the final release of macOS 10.15. (51033690)

Podcasts

Known Issues

The sidebar might render unexpectedly until quitting and relaunching the app. (51340728)
Deleting podcasts using About This Mac > Storage > Manage doesn’t update what’s shown in the Podcasts app until it’s relaunched. (50354510)
Setting “Automatically Download Episodes” to “Never” might not take effect. (50960777)
Manually checking for feed updates when Option-clicking the Podcasts app in the dock isn’t currently available. (50958585)Workaround: Quit and relaunch the app.
If Podcasts is placed in Full Screen mode, some UI elements might be obscured by the toolbar. (47125303)

Resolved Issues

Writing a review behaves as expected. (46173722)
Browse and Top Charts consistently display content from the expected country. (51681853)
A migration is no longer triggered even if there’s no content to migrate the first time you launch Podcasts. (51145044)

Privacy

Known Issues

Apps that previously asked for access to services in the System Preferences > Security & Privacy > Privacy pane might ask for approval again after updating to macOS Catalina beta 4. (51312574)

Quartz Composer

Deprecations

Starting in macOS 10.15, the Quartz Composer framework is deprecated and remains present for compatibility purposes. Transition to frameworks such as Core Image, SceneKit, or Metal. (50911608)

Screen Sharing

Resolved Issues

If the Mac you’re screen sharing with is running macOS 10.15 beta, you can now drag and drop onto the screen share. (50791710)

Screen Time

Known Issues

Users can click ‘One more minute’ multiple times per day instead of only once each time they reach a limit for that app. (48773803)
Screen Time > Content & Privacy > Content > Web Content > Allowed Websites Only isn’t currently enforced in macOS 10.15 beta. (50462899)

Scripting Language Runtimes

Deprecations

Scripting language runtimes such as Python, Ruby, and Perl are included in macOS for compatibility with legacy software. Future versions of macOS won’t include scripting language runtimes by default, and might require you to install additional packages. If your software depends on scripting languages, it’s recommended that you bundle the runtime within the app. (49764202)
Use of Python 2.7 isn’t recommended as this version is included in macOS for compatibility with legacy software. Future versions of macOS won’t include Python 2.7. Instead, it’s recommended that you run python3 from within Terminal. (51097165)

Security

Known Issues

Opening some .dmg files signed before June 1, 2019 using a Developer ID might incorrectly display an error message. All .dmg files signed using a Developer ID after June 1, 2019 must be notarized. For more information about notarization, see Notarizing Your App Before Distribution. (52234399)Workaround: Control-click the .dmg file in Finder and choose Open.

Spotlight

Known Issues

Mail messages might not display previews. (35678035)

Resolved Issues

Drives formatted using exFAT and FAT are searchable using Spotlight. (52271781)

SwiftUI

New Features

The EnvironmentValues structure has four new properties for reading accessibility values from the environment: accessibilityDifferentiateWithoutColor, accessibilityReduceTransparency, accessibilityReduceMotion, and accessibilityInvertColors. (51712481)
The color(_:) modifier is renamed foregroundColor(_:) for consistency with the more general foregroundColor(_:) modifier. (50391847)
The BindableObject protocol’s requirement is now willChange instead of didChange, and should now be sent before the object changes rather than after it changes. This change allows for improved coalescing of change notifications. (51580731)
The Collection protocol is extended to include a remove(atOffsets:) method and the MutableCollection protocol is extended to include a move(fromOffsets:toOffset:) method. Each new method takes IndexSet instances that you use with the onMove(perform:) and onDelete(perform:) modifiers on ForEach views. (51991601)
Added improved presentation modifiers: sheet(isPresented:onDismiss:content:), actionSheet(isPresented:content:), and alert(isPresented:content:) — along with isPresented in the environment — replace the existing presentation(_:), Sheet, Modal, and PresentationLink types. (52075730)
Updated the APIs for creating animations. The basic animations are now named after the curve type — such as linear and easeInOut. The interpolation-based spring(mass:stiffness:damping:initialVelocity:) animation is now interpolatingSpring(mass:stiffness:damping:initialVelocity:), and fluidSpring(stiffness:dampingFraction:blendDuration:timestep:idleThreshold:) is now spring(response:dampingFraction:blendDuration:) or interactiveSpring(response:dampingFraction:blendDuration:), depending on whether or not the animation is driven interactively. (50280375)
Added an initializer for creating a Font from a CTFont. (51849885)
You can style a NavigationView using two new style properties: stack and doubleColumn. By default, navigation views on iPhone and Apple TV visually reflect a navigation stack, while on iPad and Mac, a split-view styled navigation view displays. (51636729)When using the doubleColumn style, you can provide two views when creating a navigation view — the first is the master and the second is the detail. For example:NavigationView { MyMasterView() MyDetailView() } .navigationViewStyle(.doubleColumn)

Known Issues

Using Xcode 11 beta 3 with macOS Catalina beta 4 prevents SwiftUI previews from working. Update to Xcode 11 beta 4 when it becomes available. (52082331)
Image instances don’t use resizing information configured in asset catalogs. Configure the size of an image using the resizable(capInsets:resizingMode:) modifier instead. (49114577)

Resolved Issues

View modifier methods return opaque views (some View) rather than complex generic types. (46140669)
ScrollView instances always size themselves as expected for their content. (49204262)
The tabItemLabel(_:) modifier — now named tabItem(_:) — now accepts @ViewBuilder closures. (51502668)

Deprecations

The identified(by:) method on the Collection protocol is deprecated in favor of dedicated List(_:id:) and ForEach(_:id:) initializers. (52976883)
The relativeWidth(_:), relativeHeight(_:), and relativeSize(width:height:) modifiers are deprecated. Use other modifiers like frame(minWidth:idealWidth:maxWidth:minHeight:idealHeight:maxHeight:alignment:) instead. (51494692)

SystemExtensions

Resolved Issues

Approving system extensions using Mobile Device Management is now available. (50553712)
Upgrading system extension versions is now supported. (48943883)

Voice Memos

Resolved Issues

Location-based naming is now available. (48048663, 50743045)
Voice Memos synced from iCloud might not finish downloading. (49512619)
The File menu might be unexpectedly empty. (51475831)

Xcode

Resolved Issues

Swift interfaces for several new URLSession APIs are now available. (50517967)

Deprecations

Command line tool support for Subversion — including svn, git-svn, and related commands — is no longer provided by Xcode. If you need Subversion or related command line tools, install the Command Line Tools package by running xcode-select --install. (50266910)

10.15 (19A512f) Beta 4

Apple Releases Fifth Beta of macOS Mojave 10.14.6 (18G78a) Beta 5

MrMacintosh.com - macOS Mojave 10.14.6 (18G78a) Beta 5 - 07/15/19 — *macOS Mojave 10.14.6 (18G78a) Beta* 5 – 07/15/19

Yesterday Apple released macOS Mojave 10.14.6 (18G78a) Beta 5 to Developers and Public Beta Testers.

macOS Mojave 10.14.6 (18G78a) Beta 5 was released yesterday July 15th, 2019 at 12:00 CST. As a MacAdmin it’s important you take time to test Apple’s Beta Releases. Beta 5 patch notes only mention one which is the same fix that was in the Beta 3 and 4 patch notes. Beta 5 may be the last beta Mojave ever gets.

Final call for last minute fixes in Mojave!

If you look at previous releases(10.11,12 & 13) the 10.14.6 update will most likely be the last update Mojave receives before 10.15 hits. Be sure to get all your last minute bug fixes into Apple ASAP. Now that 10.15 Beta 3 is out most engineers have moved to the new OS.

Overview

The macOS 10.14.4 SDK provides support for developing apps for Macs running macOS Mojave 10.14.6. The SDK comes bundled with Xcode 10.2.1 available from the Mac App Store. For information on the compatibility requirements for Xcode 10.2.1, see Xcode 10.2.1 Release Notes.

Security

Resolved Issues

The system now registers tickets stapled to installer packages that aren’t scanned by Gatekeeper. As a result, newly installed kernel extensions load properly when internet access is unavailable, which can occur if a user launches installation from a local folder or an enterprise uses automated tools to deploy an installer. If you’re deploying an app to macOS Mojave 10.14.5, follow the workaround listed in the Known Issues section of macOS Mojave 10.14.5 Release Notes. (50205533)

IMPORTANT NOTE:

Don’t forget that the AD Mobile Account option to “Update Keychain Password” when resting your password outside the Mac is still broken in 10.14.5. This issue is still not fixed in 10.14.6 Beta! Be sure to contact Apple if you haven’t already done so!

mrmacintosh.com/10-14-4-update-breaks-update-keychain-password

Link to Apple’s Public Developer Documentation

developer.apple.com/documentation/macos_release_notes

Previous 10.14 Beta Releases

4th macOS Mojave 10.14.6 Beta 4 (18G71a) – 07/09/19 – Release Notes
3rd macOS Mojave 10.14.6 Beta 3 (18G59b) – 06/24/19 – Release Notes
2nd macOS Mojave 10.14.6 Beta 2 (18G48f) – 06/11/19 – Release Notes
1st macOS Mojave 10.14.6 Beta 1 (18G29g) – 05/15/19 – Release Notes
5th macOS Mojave 10.14.5 Beta 5 (18F131a) – 05/07/19 – Release Notes
4th macOS Mojave 10.14.5 Beta 4 (18F127a) – 05/01/19 –Release Notes
3rd macOS Mojave 10.14.5 Beta 3 (18F118d)
2nd macOS Mojave 10.14.5 Beta 2 (18F108f)
1st macOS Mojave 10.14.5 Beta 1 (18F96h)

How to download macOS beta releases

Sign up Public Beta – Apple Beta Software Program
Sign up as an Apple Developer (Yearly $100)
Contact your Apple SE to join AppleSeed for IT

macOS Mojave 10.14.6 (18G78a) Beta 5

How to Remediate the Zoom Vulnerability with Apple Malware Removal Tool

MrMacintosh.com - Voom Vulnerability How to remediate with Apple's Malware Removal Tool or MRTConfigData — Remediate the Voom Vulnerability with Apple’s Malware Removal Tool or MRTConfigData v1.45

Zoom Vulnerability / Exploit and RCE

UPDATE: 07/18/19 – I put together a new blog update that includes 14 total Zoom Variants, New MRTConfigData 1.47 along with new information, fixes and links! – mrmacintosh.com/zoom-vulnerably-remediation-14-total-variants-index-of-mrt-links-info/

Yup, the Zoom Vulnerability has been THE talk of the MacAdmins community for the past 2 days. This stuff moves very fast and you have to keep an eye out! We will be The vulnerability was first released by Jonathan Leitschuh. This is not just Zoom but also Ringcentral and possibly BlueJeans. A statement Link from BlueJeans is below.

How do I remediate CVE-2019-13450?

Below are three options you can look through.

Option #1 Install Updated Zoom.app
Option #2 Option #2 Apple MRT – Malware Removal Tool
Option #3 Manual Removal + Scripts and links

Option #1 Install Updated Zoom.app 4.4.53932.0709

Install the new version of Zoom zoom.us/support/download

This version should remove everything including the WebServer installed to ~/.zoomus

From blog.zoom.us/wordpress/2019/07/10/security-update-and-our-ongoing-efforts/

Tuesday, July 9
Zoom issued an update to our Mac app with the following:
Removed the local web server via a prompted update
Allowed users to manually uninstall Zoom. This new option to the Zoom menu bar allowed users to manually uninstall the Zoom client, including the local web server. A new menu option says, “Uninstall Zoom.” By clicking that button, Zoom’s app and web server are removed from the user’s device along with the user’s saved settings
Wednesday, July 10
Apple issued an update to ensure that the Zoom web server is removed from all Macs, even if the user did not update their Zoom app or deleted it before we issued our July 9 patch. Zoom worked with Apple to test this update, which requires no user interaction.
Weekend of July 13
We have a planned release for the weekend of July 13 that will address video on by default. With this release, first-time users who select “Always turn off my video” will automatically have their video preference saved. The selection will automatically be applied to the user’s Zoom client settings and their video will be OFF by default for all future meetings. (Returning users can update their video preferences and make video OFF by default at any time through the Zoom client settings.)

Option #2 Apple MRT – Malware Removal Tool

Apple in a very quick move released MRTConfigDat 1.45 at 5PM CST yesterday. According to TechCrunch

techcrunch.com/2019/07/10/apple-silent-update-zoom-app/

The Cupertino, Calif.-based tech giant told TechCrunch that the update — now released — removes the hidden web server, which Zoom quietly installed on users’ Macs when they installed the app.
Apple said the update does not require any user interaction and is deployed automatically.
TechCrunch

MrMacintosh.com - MRTConfigData v1.45 — MRTConfigData v1.45

Apple’s Malware Removal Tool will update on all 10.11, 10.12, 10.13 & 10.14 within 24 Hours

As long as you have sofwareupdate set to Automatically Check for Updates, Download New updates in the background & Install System Data Files and Security Updates. NOTE: 10.11 does not have the include-config-data option so you have to run sudo softwareupdate -ia -background

I need the update now!

Got you covered! You can use softwareupdate to manually install MRTConfigData 1.45. You can run this to list all available Xprotect Updates.

softwareupdate -l --include-config-data

To install the update you can run

softwareupdate -i MRTConfigData_10_14-1.45 --include-config-data

MrMacintosh.com - Manually download MRTConfigData using softwareupdate — Manually download MRTConfigData using softwareupdate

I am not sure yet if just installing the new update actually activates and runs MRT or not. This command works great because it ONLY installs the called out update. If you use softwareupdate -l --include-config-data it will install ALL softwareupdates including combo and Safari ETC.

Verify that you have 1.45

defaults read /System/Library/CoreServices/MRT.app/Contents/Info.plist CFBundleShortVersionString

To force MRT to update run

NOTE: If you are trying to run MRT.app remotely over ssh or by using an MDM, it needs to run as the logged in user at least in 10.14. In 10.12 and 10.13 MRT seems to run fine no matter the user. You can use the 2 lines of code below to get the logged in user then run the command as the user. The error you will get in 10.14 will say failedToReceiveProfileList.

MrMacintosh.com - Script to force MRT to run as the logged in user. — How you could run a quick small script as the logged in user.

Manual Command that you can run if you are logged in as the user.

/System/Library/CoreServices/MRT.app/Contents/MacOS/MRT -a

MrMacintosh.com - Manually updating MRT — Manually updating MRT on the fly!

Hat Tip to AndyInCali on MacAdmins Slack for the MRT -a !!!

Option #3 Manual Removal + Scripts and Links

Rich Trouton wrote a great script to manually remove zoom’s WebServer.

NOTE: Keep in mind trashing the app will NOT remove the ~/.zoomus Web Server. You will either need to kill the process and then overwrite the file like in Rich’s Script below or wait for MRT or install the new version which removes the Web Server.

derflounder.wordpress.com/2019/07/10/zoom-vulnerability-and-remediation-script/

You can follow a long thread on Jamf Nation

.jamf.com/jamf-nation/discussions/32561/zoom-exploit

You can also talk about the Zoom Vulnerability and join the #zoom channel in MacAdmins Slack.

MacOS Mojave 10.14.5 (18F2058) Forked Full Installer.app Released

MrMacintosh.com - macOS Mojave 10.14.5 (18F2058) Forked Build - MacBookPro15,4 & MacBookAir8,2

Today Apple Released a New Mojave 10.14.5 (18F2058) Forked Full Installer app

UPDATED: 07/10/19

In the past when Apple released a build it would start with a 2 digits followed by a letter. An example of this would be 18F132 which is a unified build of macOS Mojave 10.14.5. Just this morning Apple released new hardware which I covered here. Usually with new hardware comes a specific BuildVersion of the OS.

MacOS Mojave 10.14.5 (18F2058)

To find out if this really was a forked build, I cracked open the OSInstall.mpkg inside the new build. The build is listed as Product ID 041-69971 – 10.14.5 – 18F2058 and was released on 2019-07-09 (Today). Inside you will find the Distribution file. Inside this file you will find all the compatible boardIDs for this build. After comparing both Distribution files two new board ID’s popped up.

Mac-53FDB3D8DB8CA971 = MacBookPro15,4
Mac-226CB3C6A851A671 = MacBookAir8,2

Normally when you do a Google search on a board ID you will find a hit somewhere. In this case nothing…

Ace in the hole GeekBench.com

GeekBench.com is one of the most well known benchmarking sites around. When you run a benchmark with GeekBench it will put the results in a searchable database.

MrMacintosh.com - New Entry-Level 13" MacBook Pro 15,4 — Bingo!!! New Entry-Level 13″ MacBook Pro 15,4! Plus new iBridge!

Bingo, someone inside Apple ran this test or someone got an early review unit. Either way we know know what board ID Mac-53FDB3D8DB8CA971 is, a new 13″ MacBook Pro! Also notice the new iBridge/BridgeOS 16.16.5601.0.0,0. The Benchmark was only ran 6 days ago!

MrMacintosh.com - New MacBook Pro 15,4 13" MacBook Pro! — Matches the 1.7 Ghz of the GeekBench Score.

What is Mac-226CB3C6A851A671?

UPDATE: Found! MacBookAir8,2

Not totally sure yet, the best guess right now would be the updated 2019 MacBook Air. I will have to wait to confirm, when I find out I will update this post.

Found it!

MrMacintosh.com - New MacBook Air found! MacBookAir8,2 — Found! MacBookAir8,2

You can only download and install 10.14.5 (18F2058) on the newly released hardware.

As usually with forked builds you can only install this BuildVersion on the newly released hardware. You will also only be able to download this version using the Mac App Store or instalinstallmacos.py on said new hardware. Trying to download this from the Mac App Store on older hardware will get you the old 18F132 or 18F203. If you try to download (18F2058) using installinstallmacos.py using older hardware you will get Installer: Error – ERROR_90F0494CE3 Product installation failed or one of the very similar number errors.

This version is only recommended for the new hardware.

If you do get a hold of this version it DOES look to install to all compatible Mojave systems. The reason behind this is all the current Board ID’s are listed in the Distribution File. You can read more about this here when this happened with the 15″ MacBook Pro Supplemental Update.

Mojave 10.14.5 (18F2058) Forked

Apple Releases Forth Beta of macOS Mojave 10.14.6 (18G71a) Beta 4

MrMacintosh.com - macOS Mojave 10.14.6 (18G71a) Beta 4 — macOS Mojave 10.14.6 (18G71a) Beta 4

Today Apple released macOS Mojave 10.14.6 (18G71a) Beta 4 to Developers and Public Beta Testers.

macOS Mojave 10.14.6 (18G71a) Beta 4 was released today July 9th, 2019 at 12:00 CST. As a MacAdmin it’s important you take time to test Apple’s Beta Releases. Beta 4 patch notes only mention one which is the same fix that was in the Beta 3 patch notes.

Final call for last minute fixes in Mojave!

Overview

Security

Resolved Issues

The system now registers tickets stapled to installer packages that aren’t scanned by Gatekeeper. As a result, newly installed kernel extensions load properly when internet access is unavailable, which can occur if a user launches installation from a local folder or an enterprise uses automated tools to deploy an installer. If you’re deploying an app to macOS Mojave 10.14.5, follow the workaround listed in the Known Issues section of macOS Mojave 10.14.5 Release Notes. (50205533)

IMPORTANT NOTE:

mrmacintosh.com/10-14-4-update-breaks-update-keychain-password

Link to Apple’s Public Developer Documentation

developer.apple.com/documentation/macos_release_notes

Previous 10.14 Beta Releases

4th macOS Mojave 10.14.6 Beta 4 (18G71a) – 07/09/19
3rd macOS Mojave 10.14.6 Beta 3 (18G59b) – 06/24/19 – Release Notes
2nd macOS Mojave 10.14.6 Beta 2 (18G48f) – 06/11/19 – Release Notes
1st macOS Mojave 10.14.6 Beta 1 (18G29g) – 05/15/19 – Release Notes
5th macOS Mojave 10.14.5 Beta 5 (18F131a) – 05/07/19 – Release Notes
4th macOS Mojave 10.14.5 Beta 4 (18F127a) – 05/01/19 –Release Notes
3rd macOS Mojave 10.14.5 Beta 3 (18F118d)
2nd macOS Mojave 10.14.5 Beta 2 (18F108f)
1st macOS Mojave 10.14.5 Beta 1 (18F96h)

How to download macOS beta releases

Sign up Public Beta – Apple Beta Software Program
Sign up as an Apple Developer (Yearly $100)
Contact your Apple SE to join AppleSeed for IT

macOS Mojave 10.14.6 (18G71a) Beta 4

New Entry-Level 13″ MBPro, Updated MacBook Air + 12″ MacBook Dead

MrMacintosh.com - July 2019 Hardware Updates — July 2019 Hardware Updates

Today Apple Released Multiple Hardware Updates to it’s NoteBook Line.

The Mac Lineup has seen multiple hardware updates so far in 2019. The trend continues today with the July 2019 Hardware Updates. Today we have two updated Macs and two discontinued Macs.

2019 Entry-Level 13″ MacBook Pro

When released the 13″ Non Touch Bar MacBook Pro was supposed to be an affordable way to get into the MacBook Pro line. The model did not come with a Touch Bar or Touch ID. After it was released, two hardware refreshes passed and it never gained the T2 Security Chip. That all changes today with the new updated model. The new features are listed below.

8th-generation Intel Core quad-core processors
Touch Bar
Touch ID
T2 Security Chip
Still 2 ThunderBolt 3 Ports
Same Base Price of $1,299

The price is pretty important here because, you get all the features above yet the same price of the previous model that did not have Touch ID, Touch Bar or the T2.

Apple.com New Entry-Level 13″ Specs

2019 Updated MacBook Air

Apple today also updated the MacBook Air today after redesigning it in late 2018. The 2017 Model that was still for sale was finally discontinued. The 2017 Model carried on since late 2010.

Gained True Tone Display
Lowered Starting Price to $1099
2017 Model that was still for sale finally discontinued.

So long 2010-2017 MacBook Air! I really believe that this model was one of the greatest notebooks Apple has ever created.

Apple.com Updated MacBook Air

12″ MacBook Discontinued

I really liked the 12″ MacBook. It was super light and very portable, yet it lacked two things that would have made it a winner. I feel if it had Thunderbolt 3 and a 2nd port it would have sold a lot better. It’s too late for that now since it’s now dead. So long 12″ MacBook!

Lowered Internal SSD Cost Across Mac Line

Users have long complained about the SUPER high prices of Apple’s internal storage upgrades. Well today Apple has lowered the price for SSD Storage across the following models.

1TB SSD Upgrades have dropped by $200

iMac
MacBook Pro
Mac Mini

2TB Upgrades have dropped by $400

MacBook Pro
Mac Mini

4TB Upgrades have Dropped by $1400

MacBook Pro

This was a MUCH needed change as the prices for SSD storage did not even come close to current market prices.