Contrary to popular belief, Apple did not take down the High Sierra Internet Recovery server.
Since the beginning of 2023, macOS High Sierra Internet and local recovery broke. An investigation with OpenCore Legacy Patcher Co-Developer dhinak
Mid 2023, I started to see multiple posts about macOS 10.13 High Sierra recovery not working. We all know about the certificate expiring and date and time issues, but this issue was DIFFERENT. Near the end of 2023, I started investigating the issue. I was able to reproduce it every single time. Sure enough, Local hard drive command R and Internet Recovery are broken with the same “The Recovery Server Could Not Be Contacted” error. What does this mean and can it be fixed?
While I was able to identify the issue and reproduce it, I was not able to come up with an actual fix other than the #2 fix listed below and creating a macOS High Sierra Bootable install USB. Wonder if you only have 1 Mac and can’t create a recovery disk? You are stuck!
So I reached out to OpenCore Legacy Patcher co-author dhinakg. For those that don’t know dhinakg is an expert in all things involving Apple Software Update Server. After some time, he replied with the root issue and a perfect workaround solution! Jump to #1 for an explanation of what the problem is and # for the URL fix.
Thank You
I would like to thank dhinakg for helping me investigate this issue! You can follow him on twitter here = https://twitter.com/dhinakg
Up next? macOS Sierra Recovery install is also broken! who knows if we can also fix this issue.
My full demonstration walkthrough video on how to fix the recovery issue.
Table of contents
What is the root problem?
How to fix the issue?
Fix #1 Boot to a newer version macOS internet Recovery!
Fix #2 Create a macOS High Sierra bootable installer USB
This article will be continually updated as new information comes in.
Apple just released macOS Sonoma’s 3rd minor release update to the public! Let’s jump in and find out what’s new.
The Sonoma 14.2.1 is a security update that addresses CVE-2023-42940.
WindowServer
Available for: macOS Sonoma
Impact: A user who shares their screen may unintentionally share the incorrect content
Description: A session rendering issue was addressed with improved session tracking.
CVE-2023-42940: Craig Hockenberry
Safari 17.2.1 – Safari was updated for Sonoma, Ventura and Monterey but does NOT address any security fixes. Must be a bug fix but Apple does not list what it is.
My macOS Sonoma 14.2.1 Update Video
macOS Sonoma Patch Notes Summary
1. New Features –
2. New OS Enhancements –
3. Security Fixes – 1
4. Enterprise Changes –
5. Safari Security (Webkit) –
6. Full installer and M1 IPSW – 14.2.1 IPSW and full installers are now available!
7. OpenCore Legacy Patcher Users – Tested good with a small 14.2 KDK download issue.
8. Kernel Debug Kit – KDK for macOS 14.2 (23C64)
Full Apple Update Release list
macOS 💻 ✅
Sonoma – 14.2.1 (23C71)
Ventura – NONE – Current release = 13.6.3 (22G436)
This article will be continually updated as new information comes in.
Apple just released macOS Sonoma’s 2nd major release update to the public! Let’s jump in and find out what’s new.
NOTE #1 for OCLP Unsupported Mac Users: The OCLP 1.3.0 Update is live. The update is REQUIRED before you install the Sonoma 14.2 update if your Mac has an Intel Ivy Bridge, Haswell iGPU or Nvidia Kepler dGPU!
NOTE #2 : Sonoma 14.2 and Ventura 13.6.3 updates are now a universal. That means they unify all Mac hardware models into one build, including the new M3’s. The previous 2 updates were split into two separate build versions.
macOS Sonoma Patch Notes Summary
1. New Features – 4
2. New OS Enhancements – 10
3. Security Fixes – 19
4. Enterprise Changes –
5. Safari Security (Webkit) – 2
6. Full installer and M1 IPSW – 14.2 IPSW and full installers are now available!
7. OpenCore Legacy Patcher Users – Testing in progress
This article will be continually updated as new information comes in.
Apple just released macOS Sonoma’s 2nd minor dot release update to the public! Let’s jump in and find out what’s new.
NOTE: The Sonoma 14.1.2 Update is NOT a universal update and is split into 2 different BuildVersions (23B92) & (23B2091). Version is for all Supported M2 Macs and below. Version is for M3 Macs Only!
For macOS Sonoma this is the compatibility listfor each BuildVersion
14.1.2 (23B2091)
M3 Macs Only
14.1.2 (23B92)
M2 Macs and below
My macOS Sonoma 14.1.2 Update Video
In-the-wild Zero Day Safari Vulnerability!
NOTE: It has been reported that Safari CVE-2023-42916 & CVE-2023-42917 are being explored in the wild right now! This is why Apple did NOT wait until 14.2 to release this security update. Also note that Google patched Chrome for the associated CVE-2023-6345 vulnerability.
Apple also released the following app updates
Final Cut Pro 10.7
iMovie 10.4
Pro Video Formats 2.3
macOS Sonoma Patch Notes Summary
1. New Features – 0
2. New OS Fixes – 0
3. Security Fixes – 0
4. Enterprise Changes – 0
5. Safari Security (Webkit) – 2
6. Full installer and M1 IPSW – 14.1.2 (23B92) & (23B2091) IPSW’s and full installers are now available!
7. OpenCore Legacy Patcher Users – Testing in progress
This article will be continually updated as new information comes in.
Apple just released macOS Sonoma’s first minor dot release update to the public! Let’s jump in and find out what’s new.
NOTE: The Sonoma 14.1.1 Update is NOT a universal update and is split into 2 different BuildVersions (23B81) & (23B2082). Version 23B81 is for all Supported M2 Macs and below. Version 23B2082 is for M3 Macs Only!
For macOS Ventura this is the complete hardware compatibility list.
13.6.2 (22G2321)
Mac15,3 MacBook Pro 14” M3 base
Mac15,4 iMac M3 (24-inch, 2 USB, 2023) M3
Mac15,5 iMac M3 (24-inch, 3 USB, 2023) M3
13.6.2 (22G320)
Mac14,5 = MacBook Pro “M2 Max” 12 CPU/30 GPU 14″
Mac14,6 = MacBook Pro “M2 Max” 12 CPU/30 GPU 16″
Mac14,9 = MacBook Pro “M2 Pro” 10 CPU/16 GPU 14″
Mac14,10 = MacBook Pro “M2 Pro” 12 CPU/19 GPU 16″
MacBookPro18,1= MacBook Pro “M1 Pro” 10 CPU/16 GPU 16″
MacBookPro18,2 = MacBook Pro “M1 Max” 10 CPU/32 GPU 16″
MacBookPro18,3 = MacBook Pro “M1 Pro” 8 CPU/14 GPU 14″
MacBookPro18,4 = MacBook Pro “M1 Max” 10 CPU/24 GPU 14″
NOTE #2: from 14.1 update: Apple also released a document about legacy cameras and video devices after installing the Sonoma 14.1 update
2. New OS Fixes – 1 (fix is for M3 iMac & M3 14″ MBPro to update from 13.5)
3. Security Fixes – 0
4. Enterprise Changes – 0
5. Safari Security (Webkit) – 0
6. Full installer and M1 IPSW – 14.1.1 (23B81) & (23B2082) IPSW’s and full installers are now available!
7. OpenCore Legacy Patcher Users – OCLP 1.2.0 is now available! Tested good with 14.1.1, only issue is the auto patcher does not work after the update (will be fixed in 1.2.1) install the root patches manually after the 14.1.1 update.
This article will be continually updated as new information comes in.
Apple just released macOS Sonoma’s first point update to the public! Let’s jump in and find out what’s new.
UPDATE & WARNING for OpenCore Legacy Patcher Users of unsupported Macs! The Sonoma 14.1 Update is causing issues for Unsupported Mac modes that require a KDK update! HOLD OFF ON UPDATING TO 14.1 FOR NOW.
NOTE: Apple also released a document about legacy cameras and video devices after installing the Sonoma 14.1 update
6. Full installer and M1 IPSW – 14.1 IPSW and full installer are now available!
7. OpenCore Legacy Patcher Users – OCLP 1.1.0 is now available! tested good against 14.0, 13.6, 12.7 & 11.7.10. I have NOT tested against 14.1, 13.6.1 or 12.7.1
My macOS Sonoma 14.1 Update Video
my OpenCore Legacy Patcher 1.0.1 macOS Sonoma full walkthrough video!
Important Security Update for Ventura and Monterey
This is an important security update that patches 2 known zero day vulnerabilities. Also of NOTE, Apple put this note on the 13.6 security update page
This means that Apple will be releasing more information on additional security vulnerabilities soon.
Kernel
Available for: macOS Ventura
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
Security
Available for: macOS Ventura
Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: A certificate validation issue was addressed.
CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
macOS Ventura 13.6 Security Update
Released September 21, 2023
My macOS Ventura 13.6 Update Video
macOS Ventura Patch Notes Summary
1. New Features – none
2. Bug fixes – none
4. Enterprise Changes – None
3. Security Fixes – 2
4. Safari Security (Webkit) – 0
5. Full installer and M1 IPSW – Full installer and M1/M2 IPSW restore file released!
6. OpenCore Legacy Patcher Users – OCLP 0.6.8 – Tested good on 2011 MBPro 15″ (Non Metal) & 2015 MacBook Pro 15″ (Metal GPU)
Full Apple Public Update Release list
macOS 💻 ✅
Ventura 13.6 (22G120)
Monterey – 12.7 (21G725)
Big Sur – None – Current =11.7.10 (20G1427)
Safari – 16.6 (Ventura not updated) 16.6.1 (Updated Monterey & Big Sur Only)
macOS Ventura 13.5.2 (22G91) Update is now Available!
UPDATED: 9/19/23
This article will be continually updated as new information comes in.
Apple just released macOS Ventura 13.5.2 to the public! Let’s jump in and find out what’s new in this update.
This is an important security update that patches a known zero day vulnerability called BLASTPASS. A zero day means the exploit was actively used before Apple was able to fix it and patch it with 13.5.2.
UPDATE #2
Citizenlab the group that reported the venerability to Apple says the exploit is an “NSO Group iPhone Zero-Click, Zero-Day Exploit” CVE-2023-41064 CVE-2023-41061
“Apple’s Security Engineering and Architecture team and Citizen Lab believe that Lockdown Mode blocks this particular attack.“
CIS has issued a Security Bulletin 2023-100 that discusses the CVE-2023-41064 venerability. The recommendation is to patch ASAP for large and medium companies.
Impact: Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A buffer overflow issue was addressed with improved memory handling.
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School
My macOS Ventura 13.5.2 Update Video!
macOS Ventura Patch Notes Summary
1. New Features – none
2. Bug fixes – none
4. Enterprise Changes – None
3. Security Fixes – 1
4. Safari Security (Webkit) – None
5. Full installer and M1 IPSW – Full installer and M1/M2 IPSW restore file released!
6. OpenCore Legacy Patcher Users – Testing in progress with OCLP 0.6.8
