macOS Catalina 10.15.7 Supplemental Update is now Available.
UPDATE 11/11/20: Apple has just released a full installer for macOS Catalina 10.15.7 that includes the Supplemental Update Security Fixes! No word of an updated combo update or a downloadable pkg yet. I will update if they become available!
Today Apple released the 6th Supplemental Update for macOS Catalina. With the release of 10.15.7, we thought Apple would continue with an easy way to identify updates. The 10.15.7 Supplemental update seemed to dash those hopes. The update does not even list any fixes in it. The only wording is
“macOS Catalina 10.15.7 Supplemental Update is recommended for all users and improves the security of macOS”
This tells us that the update only has security related fixes in it!
https://support.apple.com/en-us/HT211947
In the security link, Apple calls out 3 security vulnerabilities. I will go over them below.
The macOS Catalina 10.15.7 Update includes the following Security fixes.
macOS Catalina 10.15.7 Supplemental Update provides important security updates for your Mac.
This update is an important update due to this quote from Apple
A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
Apple
- The Supplemental Update patches the following
- FontParser arbitrary code execution = Found in the wild!!!
- Two Kernel Exploits = Both found in the wild!!!
- All three vulnerabilities have been reported to Apple from the Google Project Zero Team.
Treat this Supplemental Update as a High Priority!
Confusing Update Situation
We have a couple update scenarios that we need to discuss. Normally Apple releases new Delta and Combo Updates. This time we only have a delta update for 10.15.6 users. If you have anyone on 10.15.0-10.15.5 they will be offered the OLD 10.15.7 (19H2) Update. They will have to install the 10.15.7 Supplemental Update after!
- 10.15.7 users = NEW 10.15.7 Supplemental Update
- 10.15.6 users = NEW 10.15.7 Delta Update
- 10.15.0-10.15.5 users = OLD 10.15.7 Combo Update – Will need to install the 10.15.7 Supplemental Update after.
- 10.15.7 Full Installer = Remains OLD 10.15.7 (19H2) version and will need to install the 10.15.7 Supplemental Update after.
Hat Tip to my fellow Software Update Investigator Eric Holtam! Follow him on Twitter @eholtam
Apple’s Public Patch Notes / Release Notes Documentation
NOTE: Apple Documentation takes a little while to show up online after release. I will update when the new articles are made available.
https://support.apple.com/en-us/HT210642
developer.apple.com/documentation/macos_release_notes
developer.apple.com/documentation/macos-release-notes/macos-catalina-10_15_6-release-notes
For more detailed information about this update and previous updates, please visit: https://support.apple.com/kb/HT210642
Previous 10.15 Releases + Previous Patch Notes
- 22. 10.15.7 = (19H15) – Supplemental Update – Nov 5th 2020
- 21. 10.15.7 = (19H2) – Update – Sep 24th 2020
- 20. 10.15.6 = (19G2021) – Supplemental Update – Aug 12th 2020
- 19. 10.15.6 = (19G2006) – 2020 iMac Fork Re-Released – Aug 4th, 2020
- 18. 10.15.6 = (19G2005) – 2020 iMac Fork – Aug 4th, 2020
- 17. 10.15.6 = (19G73) – July 15th, 2020
- 16. 10.15.5 = (19F2200) – 16″ MBPro Update Fork – June 15th 2020
- 15. 10.15.5 = (19F2096) – 16″ MBPro Shipping Fork – June 15th 2020
- 14. 10.15.5 = (19F101) – Supplemental Update – June 1st, 2020
- 13. 10.15.5 = (19F96) – May 26, 2020
- 12. 10.15.4 = (19E2269) – 13″MBPro Shipping Fork – May 6th 2020
- 11. 10.15.4 = (19E287) – Supplemental Update – April 8th, 2020
- 10. 10.15.4 = (19E266) – March 24th 2020
- 9. 10.15.3 = (19D2064) – MBAir Shipping Fork March 23rd 2020
- 8. 10.15.3 = (19D76) – January 28th 2020
- 7. 10.15.2 = (19C57) – December 10th 2019
- 6. 10.15.1 = (19B2106) – 16″ MBPro Update Fork – November 13th 2019
- 5. 10.15.1 = (19B2093) – 16″ MBPro Shipping Fork – Nov 13th 2019
- 4. 10.15.1 = (19B88) – October 29th 2019
- 3. 10.15.0 = (19A603) – Supplemental Update Re-Released – Oct 21st 2019
- 2. 10.15.0 = (19A602) – Supplemental Update – October 15th 2019
- 1. 10.15.0 = (19A583) – October 7th 2019
macOS Catalina 10.15.7 Supplemental Update Changes, Info & Download Links
Supplemental Update
The “Supplemental Update” update is smaller in size because it only includes fixes for the previous point release only.
NOTE: The Supplemental update is ONLY for 10.15.7 Users
Download Link – waiting
Size = 1.21 GB
Product ID = 001-73001
Requirements = 10.15.7
Delta Update
The “Delta” update is smaller in size because it only includes fixes for the previous point release only.
NOTE: The Delta update is ONLY for 10.15.6 Users
Download Link – waiting
Size = 2.84 GB
Product ID = 001-57230
Requirements = 10.15.6
Combo Update
The “Combo” update is for all previous versions of Catalina.
Download Link – NONE! combo update is not available as this update is ONLY for 10.15.7 users.
Size =
Product ID =
Requirements =
Full Installer.app
It looks like a full installer was NOT released! Will update …
Below is the OLD VERSION (19H2)
Link – Catalina 10.15.7 Mac App Store
Size = 8.75 GB
Product ID = 001-51042
Requirements – 10.15 Catalina Requirements
T2 BridgeOS Update
UPDATE! T2 BridgeOS was updated!
Size = 417.7 MB
Product ID = 001-51038
BridgeOS Update Version = 17.16.16610.0.0
- 3. Previous 10.15.7 Update = 17.16.16610 = BuildVersion 6
- 2. Previous 10.15.6 Supplemental Update = 17.16.16610
- 1. Previous BridgeOS Update Version = 17.16.16065
Security Content of macOS Catalina 10.15.7 Update.
This document lists security updates for Apple software.
support.apple.com/en-us/HT201222
MacOS Catalina 10.15.7 Supplemental Update
https://support.apple.com/en-us/HT211947
The following security fixes are included in Catalina 10.15.7.
Released November 5, 2020
FontParser
Available for: macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild.
Description: A memory corruption issue was addressed with improved input validation.
CVE-2020-27930: Google Project Zero
Kernel
Available for: macOS Catalina 10.15.7
Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
Description: A type confusion issue was addressed with improved state handling.
CVE-2020-27932: Google Project Zero
Kernel
Available for: macOS Catalina 10.15.7
Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild.
Description: A memory initialization issue was addressed.
CVE-2020-27950: Google Project Zero
Catalina 10.15.7 Supplemental Update
Did I read that if you download the full Catalina installer via the Mac App Store that you will get the latest build without having to install additional?
https://apps.apple.com/us/app/macos-catalina/id1466841314?mt=12
Dear Mr. Macintosh,
With all of the recent late upgrades to Catalina and seeing more and more supplemental updates to a year old OS, I’m inclined to stay at Mojave and wait util the kinks are out of Big Sur and then go right from Mojave to Big Sur.
I am running a 13 inch Mac Air early 2014 which is a basic machine w/out any gaming apps and/or 3rd party apps. With the exception of Office 365 and a 2017 version of desktop only Quicken my machine is 99.9 percent as it was when it was purchased.
Does this decision make sense? I have always been one OS generation behind as the new OS comes out, I down load and install the prior year’s OS, but w/all the issues, I don’t want to be caught up on OS issues with Catalina while Apple is chasing potential BIG SUR issues .
Pls confirm my thoughts/ I am very pleased with the stability of Mojave and i’ve not updated Safari 14.0 nor the ‘supplemental upstate’ that now contains the Safari 14. There were just too many issues being reported and I was concerned that i’d have issues as well.
Thanks in advance for a reply to my thought process!
Bill Girolamo
Melrose MA
Anyone found the 10.15.6 delta download link yet? I could really use it.
No download links yet MacTroy. I will keep checking though!
its out
https://support.apple.com/kb/DL2060
The DL2060 link appears to be the 10.15.7 only (1.21 GB) delta. Any luck on the 2.84GB version for 10.15.6 machines?
It’s maybe here: https://support.apple.com/kb/DL2061
Size looks correct, but that page states “10.15.7” in the System Requirements, so who knows. Will give it a shot and report back.
How long does Apple take to upload a god damn redistribution download. I need it for 100 Computers
Agreed Danny, it really sucks for anyone who needs to support Macs at scale.
Thank you. I’m not usually hesitant to install an update but installing an update on blind faith, without any documentation, is not my way of doing things.
THe 10.15.7 Supplemental update is not downloading or updating. I have had this happen about three times now. Apple needs to get on the ball. They are making more and more mistakes and missteps since Steve jobs death. Can someone shed some light on this… If I decide to download and install an update manually, it should work, no? NO, it is now not working most of the time. The controls do not seem to work properly.
Eric,
Thank you for your replay and information regarding the Catalina install.
I sincerely appreciated this information.
Very Sincerely,
Bill Girolamo
If the same security hole is also in 10.14 (or 10.13) then apple will patch it soon. So rather than upgrading from 10.14 or earlier to 10.15 you could just wait a few days for a 10.14-security-update, and likely be safe while waiting, since:
“Google has provided no details about the attacks other than they’re targeted (meaning they go after specific individuals of interest) and they’re not related to the November elections.”
Dear Mr. McIntosh,
Is it realistic for me to be able o to go to the system preferences and download and install Cataina from there for my Mac Air 2014. I am still on Mojave and have NOT ventured into Catalina at all at this point.
Will i get the newest macOS Catalina 10.15.7 Supplemental Update Changes, Info & Download Links.
Please let me know when you can.
Thanks
Bill Girolamo
Bill,
Updating to Catalina from Mojave will only install the 10.15.7 19H2 build. After Catalina is installed, run Software Update again and the 10.15.7 Supplemental Update will be listed. Install that as well. You can get to the latest OS but it won’t happen automatically from the initial Catalina installation from Mojave.
-Eric