Month: September 2023

macOS Ventura 13.6 (22G120) Update is now Available!

UPDATED: 9/22/23

This article will be continually updated as new information comes in.

Apple just released macOS Ventura 13.6 to the public! Let’s jump in and find out what’s new in this update.

UPDATE: The Center for Internet Security just released a new advisory = 2023-108

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

MS-ISAC ADVISORY NUMBER:

2023-108

DATE(S) ISSUED: 09/21/2023 

OVERVIEW:

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.

https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2023-108

Important Security Update for Ventura and Monterey

This is an important security update that patches 2 known zero day vulnerabilities. Also of NOTE, Apple put this note on the 13.6 security update page

This means that Apple will be releasing more information on additional security vulnerabilities soon.

Kernel

Available for: macOS Ventura

Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: The issue was addressed with improved checks.

CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group

Security

Available for: macOS Ventura

Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: A certificate validation issue was addressed.

CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group

macOS Ventura 13.6 Security Update

Released September 21, 2023

macOS Ventura Patch Notes Summary

• 1. New Features – none
• 2. Bug fixes – none
• 4. Enterprise Changes – None
• 3. Security Fixes – 2
• 4. Safari Security (Webkit) – 0
• 5. Full installer and M1 IPSW – Full installer and M1/M2 IPSW restore file released!
• 6. OpenCore Legacy Patcher Users – OCLP 0.6.8 – Tested good on 2011 MBPro 15″ (Non Metal) & 2015 MacBook Pro 15″ (Metal GPU)

Full Apple Public Update Release list

macOS 💻 ✅

• Ventura 13.6 (22G120)
• Monterey – 12.7 (21G725)
• Big Sur – None – Current = 11.7.10 (20G1427)
• Safari – 16.6 (Ventura not updated) 16.6.1 (Updated Monterey & Big Sur Only)
• Xcode – Current 15.0
• Studio Display Firmware update = Current 17.0

iOS📱✅

• iOS – iOS 17.0.1
• iOS – iOS 17.0.2 (iPhone 15 Only)
• iPadOS – iPadOS 17.0.1
• iOS – iOS 16.7
• iPadOS – iPadOS 16.7
• audioOS – None – Current = 17.0 (21J354)
• tvOS – None – Current = 17.0 (21J354)
• watchOS – 9.6.3 (20U502)
• watchOS – 10.0.1 (21R360)

Table of Contents

• 1. Apple Links
• 2. Areas of interest for this update
• 3. Ventura Public & Beta Release History
• 4. macOS Ventura Full Installer.app
• 5. Apple Silicon M1 &M2 IPSW Restore file Update
• 6. macOS Ventura Update sizes
• 7. Apple Silicon M1 System Firmware Version
• 8. Apple Silicon M1 OS loader Version (iBoot)
• 9. Intel T2 BridgeOS Update
• 10. Safari Update
• 11. What’s new for enterprise in macOS Ventura
• 12. Security Content of macOS Ventura
• 13. macOS Ventura Release Notes / Patch Notes / Changes

Click “Continue Reading” for the rest of the article.

Continue reading “macOS Ventura 13.6 Update (22G120) Important Security Fix!”