How to remove the firmware password on 2011-2020 Macs + New way for 2018-2020 T2 Macs!
You can now remove the firmware password (+ erase all data) on a T2 Mac without Apple Support if you forgot it.
In this article, I will go over the history of the firmware password on Intel Mac computers. After that, I will show you a new way how to remove the firmware password (and erase your data) on a T2 Mac from 2018-2020. (Scroll to section 6).
NOTE: This information is only for 2006-2020 Intel Mac computers. Apple Silicon M1 Mac Devices do not have a firmware password.
I will also go over my recommendations on how you can protect your data at the end of this article.
I will answer the following questions.
What does setting a firmware password on a Mac do?
What are the differences in firmware passwords from the following years – 2006-2010, 2011-2017 & 2018-2020?
How to you set the firmware password in recovery.
How to Enable & Disable Firmware Password in macOS.
What can you do if you forget the firmware password?
How to remove the firmware password with Apple Support.
Removing the firmware password on a T2 Mac with Apple Configurator 2.
How long was this new way possible? Does anyone at AppleCare know about this?
What does this mean for education, small & large companies, home users, computer recyclers, and criminals?
Big Sur 11.0.1 (20B50) Released to block install for 2013-2014 13-inch MacBook Pro Users.
Big Sur 11.0.1 (20B50) was released to block 2013 & 2014 13″ MBPro’s from installing the OS. This move looks to be related to the Big Sur install problems with these models.
UPDATE 12/14/20 – Apple has added the Mac-189A3D4F975D5FFC BoardID back to the newly released macOS Big Sur 11.1 Full installer! It looks like Apple has found and fixed the issue with the installer that was causing problems! This means that you can now download, install and reinstall Big Sur 11.1 on your 2013-14 13″ MacBook Pro again.
UPDATE 11/25/20 – If you attempt to install Big Sur on your 13″ 2013-2014 MBPro, you might get this error.
Installation of macOS could not continue. installation requires downloading important content. That content can’t be downloaded at this time. Try again later.
If you are wondering about the Big Sur Installer issue for the 2013 & 2014 13″ MacBook Pro users, I wrote about the situation earlier this week.
To review, if you have a 2013 or 2014 13″ MacBook Pro and attempted to install macOS Big Sur, it was possible that the installer could brick your Mac.
When I say “brick” I mean that it boots to a black screen and is 100% non responsive. You can’t boot to recovery, USB installers, reset the pram or SMC.
The only option for users is to bring it in for repair. The reports say that Apple is saying that the logic board needs to be replaced at a price over 500$. Even worse some are being told it’s a vintage product and they can’t parts. This is FALSE, Apple will keep stock of parts up to 7 years.
Vintage products are those that have not been sold for more than 5 and less than 7 years ago. Mac, iPhone, iPad, iPod, and Apple TV vintage products continue to receive hardware service from Apple service providers, including Apple Retail Stores, subject to availability of inventory, or as required by law.Apple.com – https://support.apple.com/en-us/HT201624
https://support.apple.com/en-us/HT201624
Hopefully Apple will cover the cost of the repair for free.
The solution for now? Release a new macOS Big Sur Installer that removes both models from the Big Sur compatibility list.
The link below shows the list of Big Sur compatible Macs
If you can’t install macOS Big Sur on certain 13-inch MacBook Pro computers from 2013 and 2014. Follow these steps if you can’t install macOS Big Sur on a MacBook Pro (Retina, 13-inch, Late 2013) or MacBook Pro (Retina, 13-inch, Mid 2014). When you install macOS Big Sur on these Mac models, the installer might say that the update cannot be installed on this computer, or your Mac might start up to a blank screen or circle with a line through it.
Apple.com
The most important part of this article is this line
“or your Mac might start up to a blank screen“
This is exactly what will happen to some users if they install macOS Big Sur on their 2013 or 2014 13″ MacBook Pro.
Let’s look at the other parts of the note.
“the installer might say that the update cannot be installed on this computer“
This is because both models have been removed from the new Big Sur installer compatibility list.
“or your Mac might start up to a blank screen or circle with a line through it“
This might happen if you make a new USB installer of Big Sur 11.0.1 (20B50) and attempt to boot to it.
Removed from the Big Sur Compatible List?
The macOS installer has a file inside called the distribution file. For this release it’s called 001-83532.English.dist.
Compatible Macs for install are listed in this file as BoardID for older devices and DeviceIDs for newer models. The boardID we are looking for is
Mac-189A3D4F975D5FFC
This BoardID is for the MacBookPro11,1 or the 2013 & 2014 13″ MacBook Pro.
I keep a database of all Mac BoardID and DevicesIDs here
You can see the list of supportedBoardIDs – Mac-189A3D4F975D5FFC was removed from 11.0.1 (20B50)
This means that (for now anyway) you will not be able to install macOS Big Sur on your 2013 or 2014 13″ MacBook Pro.
Will Apple fix this issue and add them back later?
Unknown at this time. It’s possible that Apple will fix issue the Big Sur installer is causing to these models. They could then add the models back to the compatibility list later.
How to Restore BridgeOS on a 2018+ T2 Mac using Apple Configurator 2. How to Boot your Mac into DFU Mode
With Apple Silicon Macs, you can install macOS just like you can with iOS! I will show you how to boot your Apple Silicon Mac into DFU Mode so you can Restore macOS.
UPDATED 06/04/21
This article will go over how to restore macOS on your new Apple Silicon Mac. Your first line of defense for installing macOS on Apple Silicon should be macOS Recovery. But if for some reason you are having problems with that you can boot your Apple Silicon Mac with a Big Sur USB installer drive. I wrote an article covering all the changes to macOS Recovery here.
Order of that you should follow for reinstalling macOS on Apple Silicon.
1. macOS Recovery – Hold down the power button to enter the Boot Picker Menu (downloads macOS Big Sur over the internet 1-2 hours)
2. System Recovery – (Separate hidden partition – Will boot automatically if macOS Recovery is erased or damaged)
3. macOS Big Sur USB Installer Drive – External boot for macOS Installers is enabled by default on Apple Silicon – (Installs from USB 30-40 Min)
4. Apple Configurator 2 REVIVE option – This option will reinstall macOS Recovery if erased or damaged (retains user data on the hard drive)
5.Apple Configurator 2 RESTORE option – This option will Reinstall macOS Recovery, ERASE your hard drive and reinstall macOS (Fast install! 10 min)
Use macOS Recovery on a Apple Silicon M1Mac
Keep in mind, just like last time, some of the instructions for booting your Apple Silicon Mac are confusing. If you thought booting to DFU mode was a little difficult on T2 Macs… wait until you try on Apple Silicon. For one thing the ports used are the exact opposite of what was used on T2 Macs! Plus the process to get the Mac into DFU mode has changed! That’s why I’m writing this article, to better explain the instructions.
Mr. Macintosh video – how to boot your Apple Silicon Mac into DFU mode + reinstall macOS
Boot your M1 Mac Mini to DFU mode + Reinstall macOS Big Sur with Apple Configurator 2! UPDATED
Mr. Macintosh Deep Dive Tutorial on how to Restore macOS + Boot to DFU mode
Install macOS Big Sur on Multiple Macs using Apple Configurator 2!
Table of Contents
1. Updates
2. List of Apple Silicon Compatible Macs
3. Setup and Cable Requirements before you begin
4. Download Apple Configurator 2 app
5. How to Boot your Apple Silicon Mac into DFU Mode
6. Which Firmware version is your Mac on?
7. Instructions for the M1 13″ MacBook Pro & Air (2020)
8. Instructions for the M1 Mac Mini (2020)
9. Instructions for the M1 24″ iMac (2021)
10. You made it! Apple Configurator 2 Steps
11. Download macOS ISPW file
12. Begin Apple Silicon macOS Revive / Restore
13. Finishing Up
14. Can I Downgrade from an older version of macOS via IPSW Files?
UPDATE 4/13/21 – New DEEP DIVE video on using Apple Configurator 2 to reinstall macOS on multiple M1 Macs.
UPDATE 3/17/21 – I’ve added a new video that shows you how to use Apple configurator 2 to install macOS on multiple M1 Macs.
UPDATE 1/14/21 – Apple has released Apple Configurator 2 Version 2.13.3, be sure to update. I’ve also added a new Apple Silicon Mac Mini M1 Video above.
UPDATE 11/18/20 –Apple has released Apple Configurator 2 Version 2.13.2! Make sure you update. If you are still running 2.13.1 or below you will get an error when you click the restore button.
UPDATE 11/17/20 –Added a new section #6 to explain the problem booting to DFU mode if your Apple Silicon Mac is on it’s factory firmware of 6723.41.11
This is a list of Apple Silicon Macs that this process is compatible with.
1. 2020 M1 13″ MacBook Pro
2. 2020 M1 MacBook Air
3. 2020 M1 Mac Mini
4. 2021 M1 24″ iMac
3. Setup and Cable Requirements before you begin.
You will need to meet the following requirements –
(The Host Mac will do the work and the Target Mac is the Mac you need to Restore)
1. USB-C Mac as the Host Machine.
2. The Host Mac must have at least macOS 10.15.6 and Apple Configurator 2.13.1 or newer installed.
3. Internet access on the Host Mac – “You may need to configure your web proxy or firewall ports to allow all network traffic from Apple”
4. USB-C to USB-C Cable – The white Apple USB-C Charge will work fine. (USB-C Cable MUST Support Power & Data). Apple notes that a Thunderbolt 3 to Thunderbolt 3 cable is not supported but I’ve tested it and it works fine.
5. The Host Mac can have the cable plugged in anywhere.
6. The Target Mac MUST have the USB-C Cable Plugged in to the Left Hand side USB-C port. For Laptops the port closest to the back of the Mac or screen) For the Mac Mini it’s the port closest to the ethernet port. (BOTH LOCATIONS ARE OPPOSITE of the T2 Mac BridgeOS restore locations!)
If you don’t meet all the prerequisites booting to DFU Mode or Upgrading macOS Firmware might fail.
4. Download Apple Configurator 2
Download Apple Configurator 2 app. Version 2.13.1 or higher is required.
If you do not have Apple Configurator 2, you can download it now from the Mac App Store with this link.
5. How to Boot your Apple Silicon Mac into DFU Mode
With all the startup keyboard commands you can issue a Mac, booting into DFU Mode should be pretty simple right?
NOPE! (x2 this time for Apple Silicon!)
You have to follow a very particular sequence to get this to work. I have attempted to find the exact way to get this to work every time. Even then sometimes the system will refuse to Boot into DFU mode.
Apple’s Instructions
You can find Apple’s instructions for booting into DFU mode here.
If these instructions do not work fo you continue below.
Press the power button.
While holding down the power button, at the same time press all three of the following keys for about 10 seconds:
The right Shift key
The left Option key
The left Control key
After 10 seconds, immediately release the three keys but continue to hold down the power button until it appears in Apple Configurator 2.Note: You won’t see any screen activity from the Apple notebook computer.
Apple’s instructions for booting your Apple Silicon MacBook Pro & Air into DFU mode. Image: Apple Inc
6. Which Firmware version is your Mac on?
Did you update your Mac to Big Sur 11.0.1 from 11.0 when it arrived? If you didnt the firmware will be
6723.41.11
To find the firmware version click the Apple icon > About this Mac > System Report.
Look for System Firmware Version.
If you are on Big Sur 11.0 and firmware version 6723.41.11 you will need to boot to the macOS Recovery selection screen first before attempting to boot into DFU mode.
If you updated your Mac to 11.0.1 and are running Firmware Version 6723.50.2 or newer you can follow the normal instructions. You can boot to DFU mode from power off instead of booting to the macOS recovery selection screen first.
7. My Instructions for the M1 13″ MacBook Pro & MacBook Air
It has proven difficult to get an Apple Silicon Mac into DFU mode. You could try Apple’s instructions above multiple times and STILL not get into DFU mode.
Once you have meet all of the pre requisites above, follow the instructions below to should get you into DFU Mode every time.
1. The Target Mac must be OFF to begin.
2.Hold down the Power button,RightShift, Left Control and Left Option keys for 10 Seconds (count 1 one thousand) then let go of every key except for Power . Keep holding down the power button for an additional 8 seconds until you get to 18 seconds total. If you count more than 20 seconds and don’t see the DFU icon, you will have to try the process again.
3. When the Target Mac is booted into DFU mode correctly, the host will show a big DFU icon in Apple Configurator 2.
4. After you see the DFU picture pop up on the AC2 Host Mac you can let go of the Power Button.
macOS recovery screen you can now start the DFU mode keyboard command process
Visual instructions for booting your Apple SIlicon Mac into DFU Mode
8. Instructions for the M1 Mac Mini (2020)
The Mac Mini 2020 instructions are to use the USB-C port is closest to the Ethernet port.
How to boot a M1 Mac Mini 2020 into DFU mode to restore macOS – Image: Apple Inc
1. Disconnect the power cord from the Mac Mini.
2. Plug USB-C/Thunderbolt cable into the USB-C port next to the ethernet port.
3. Plug the other end into the Host Mac.
4. While holding down the power button, connect the Mac Mini to power and continue to hold the power button for about 3-5 seconds
5. You should now see the DFU logo on the Host Mac.
9. Instructions for the M1 2021 24″ iMac
The 24″ M1 iMac (2021) instructions are to use the USB-C port is closest to the magnetic power port. The instructions are the same for both the 2 and 4 port version.
How to boot a M1 iMac 2021 into DFU 2 or 4 port version. Use the USB-C port closest to the magnetic power plug. – Image: Apple Inc
1. Disconnect the magnetic power cord from the iMac.
2. Plug USB-C cable into the USB-C port next to the power port.
3. Plug the other end into the Host Mac.
4. While holding down the power button, connect the iMac magnetic power plug continue to hold the power button for about 3-5 seconds
5. You should now see the DFU logo on the Host Mac.
10. Instructions for the M1 2021 24″ iMac
11. Instructions for the M1 2021 14″ and 16″ MacBook Pro
12. Instructions for the M1 2022 Mac Studio
10. You made it! Apple Configurator 2 Steps
The hard part is now over. Now we can restore macOS on the Target Mac. When you first open Apple Configurator 2 the screen will look like this.
This is what you will see if the Mac is NOT booted to DFU mode.
This is what you will see when the MacBook is connected correctly with your USB-C cable and booted to the recovery selection screen.
Once your Mac is booted to DFU mode, you will see this screen on Apple Configurator 2. You are now ready for the next step.
When you see a big DFU icon when your Mac is properly booted into DFU Mode.
11. Download macOS ISPW file (Optional)
Apple Configurator 2 version 2.13.2 will automatically download needed IPSW file just like it can for iOS. Let’s say that you want to download the IPSW so you can restore multiple times for testing, you can get it from my database below.
Once you’ve downloaded the macOS IPSW file, you are ready for Restore.
12. Begin Apple Silicon macOS Revive / Restore
1. Revive Option
The revive option will ONLY reinstall macOS Recovery. Go to step 2 for Restore.
You are now ready to restore either macOS Recovery with revive by Clicking Actions > Advanced > Revive Device.
Right Click on the DFU icon – Select Advanced > Revive Device
Revive will reinstall macOS Recovery on your Apple Silicon Mac. This option retains user data.
2. Restore Option.
Restore will Reinstall macOS Recovery, ERASE your SSD hard drive and reinstall macOS.
2. Restore option – Reinstall macOS Recovery, ERASE your SSD hard drive and reinstall macOS.
You will now see a warning message. Do you want restore “MacBook Pro” to it’s Factory settings and latest firmware version?
Restore warning you the Restore process will erase your data and reinstall macOS
Click the Restore Button to begin. Step one will download the latest macOS IPSW Firmware file directly from Apple.
You can also drag the macOS IPSW File over to the DFU icon to begin the restore.
macOS Big Sur 11.0.1 IPSW Restore File – Drag this file over to the DFU logo to begin the restore.
After dragging the macOS 11 IPSW File over to the DFU logo you will get this pop up. You can select Restore to erase your drive and reinstall macOS. The process will only take about 15 minutes.
Ready to restore macOS, click Restore to begin.
Reinstalling macOS Big Sur from the IPSW file.
Step 2. Unzipping macOS
Step 2. Unzipping
Step 3. Installing macOS
Step 3. Installing BridgeOS
13. Finishing Up
If you would like to see more information you can click View and see a new activity window.
Apple Configurator 2 Activity window.
The entire process will only take a while. Most of the time is spent downloading the huge 13GB macOS Big Sur IPSW File. This is why it’s nice to keep the IPSW on an external hard drive or something. When you drag the IPSW File over to Apple Configuator 2, the restore will be super quick! Normally it only takes about 10 min!
When complete the Mac will automatically Boot up.
14. Can I Downgrade from an older version of macOS via IPSW Files?
The answer is YES, follow the link below for an explanation.
But only if the IPSW file is still signed by Apple. If Apple stops signing the IPSW file you will need to change the Boot Security to allow this. (Keep in mind Apple has not stopped signing any macOS installers yet, so we will see.)
15. Thanks
Hat tip goes out to macrumors forum user Nrwrit3r for the macOS Recovery menu workaround for older firmware!
NOTE 11/17/20! UNTIL I’M ABLE TO GATHER APPLE SILICON DATA I WILL LEAVE THE T2 BRIDGEOS TROUBLESHOOTING SECTION HERE.
I can’t get my Mac to boot into DFU mode. This is the toughest part of the whole process as I mentioned above. Keep trying the steps I listed above. Sometimes it takes multiple attempts to get his to work.
You can use System Information to see if the USB-C port lists your Mac in DFU Mode.
System Information showing a Mac plugged in booted to DFU Mode.
BridgeOS Restore Error 79- The OS Cannot be restored on this device. The Operation couldn’t be completed. (AMRestoreErrorDomain error 79 – Failed to handle message type StatusMsg) [AMRestoreErrorDomain – 0x4F (79)] – If you get this error it means that the BridgeOS update has failed and is unable to complete. The system will be unable to boot. When powered on the screen will be black. The Mac will have to be brought to an Apple Store for Service.
BridgeOS Restore Error – The OS Cannot be restored on this device. The Operation couldn’t be completed.
BridgeOS Restore Error 10 – The BridgeOS Restore failed! This is most likely because the host Mac was 1 or 2 OS Versions behind the Target Mac. The Host and Target Mac need to be on the same OS Version.
If your Target Mac is on 10.15, then your Host Mac needs to be on 10.15.
The OS Cannot be restored on this device.
The operation couldn’t be completed. (AMRestoreErrorDomain error 10 – Failed to handle message type StatusMsg) [AMRestoreErrorDomain – 0xA (10)]
BridgeOS Restore Error 10 – The Host and Target Mac need to be on the same OS Version.
Host Mac and Target Mac Disconnected during restore. – Error 4005
The OS Cannot be restored on this device.
Gave up waiting for device to transition from RestoreOS state to BootedOS State. [com.apple.MobileDevice.MobileRestore – 0xFA5 (4005)]
BridgeOS Restore Error 0xFA5 (4005)
This error will come up when the restore process has been interrupted.
Or, you might get this using Apple Configurator 2 version 2.12.1, as the process never seems to complete properly. If the Target Mac awakes to the login window the process is complete even though the progress bar is at 100%. After unplugging the USB-C cable you will get the error above.
Apple Configurator 2 Reports RECOVERY instead of DFU Status.
Apple Configurator 2 Reports RECOVERY instead of DFU Status.
If you see RECOVERY this means that BridgeOS is unable to boot and is the default status when you power on the Mac.
Failed BridgeOS Restore due to OS Version Mismatch! The Target Mac is a previous OS i.e 10.14 trying to restore a 10.15 Mac, the update will fail with an Error 10
If the Mac already failed the Upgrade, it could already be in this status. If so, you can attempt a BridgeOS restore.
Configurator could not perform the requested action. Apple Controller devices do not support this action.
This means that you selected Actions > Update, which is not supported. You need to select Actions > Advanced > Revive Device
Apple Configurator 2 BridgeOS Firmware Download Location.
Thanks MrMacintosh Reader Max C for letting me know the location of the BridgeOS Firmware files.
Apple Silicon macOS Big Sur IPSW Firmware Restore File Database
How to download Apple Silicon M1 macOS IPSW Restore Files. You can use them with Apple Configurator 2 and a 2nd Mac for quick restores.
UPDATED: 12/11/24
With the introduction of the new Apple Silicon M1 Mac, you can now reinstall macOS with Apple Configurator 2 and IPSW files just like iOS! This page is a database of all macOS IPSW Files. The macOS ISPW firmware files database will be updated when new updates are released.
Table of Contents
1.macOS Sequoia Final IPSW Firmware files
2. macOS Sonoma Final IPSW Firmware files
3. macOS Ventura Final IPSW Firmware files
4. macOS Monterey Final IPSW Firmware Files
5. macOS Big Sur Final IPSW Firmware Files
6. macOS Sequoia Beta IPSW Firmware files
7. macOS Sonoma Beta IPSW Firmware files
8. macOS Ventura Beta IPSW Firmware Files
9. macOS Monterey Beta IPSW Firmware Files
10. macOS Big Sur Beta IPSW Firmware Files
All download links are directly from Apple’s SUS Server.
For more information on how to reinstall macOS on your Apple Silicon Mac, I’ve written an article that goes over everything you need to know!
Mac Transition to Apple Silicon – Everything you Need to Know!
Apple Silicon Macs will be here soon!
Apple said the first Apple Silicon Mac will launch before the end of 2020. The launch date is quickly approaching, now is the time to get up to speed! I will be following my “Everything you need to know” format from my previous articles.
This article will be updated as new Apple Siliconinformation comes in.
The feedback that I’ve received from these has been really great. The big takeaway is that everyone really likes how all the information is all in one place. You are not wasting time looking for that one article, command or link.
NOTE: Everything in this article is public knowledge from Apple. Once the first Apple Silicon Mac ships, I will post more in depth articles.
Apple Silicon changes the way in which we enter recovery on the Mac. In the past, we had to remember multiple keyboard commands. On Apple Silicon, all you need to do is hold down the power button. In a few seconds, you will see the new Apple Silicon Startup Manager.
7. How to use the new start manager on Apple Silicon
To enter Apple Silicon Startup manager follow these steps.
1. Hold down the power button
2. You will see the message “Continue holding for startup options”
3. The next message will say “Loading Startup Options…”
4. You will now see the new Apple Silicon Startup Manager.
Apple Silicon Mac Startup Manager Options
The startup manager will show you the main boot disk (Macintosh HD) Boot icon and Recovery Options. Click “Options” to boot into macOS Recovery.
8. Internet Recovery is dead on Apple Silicon
Have you had trouble booting into Internet Recovery in the past? You are not alone. Now with Apple Silicon, Internet recovery is officially retired. It will still remain for Intel based Macs. For Apple Silicon we now have 3 different ways to reinstall macOS.
1. macOS Recovery = First line of recovery.
2. System Recovery = Hidden partition for when normal macOS recovery is not available.
3. macOS System Restore via DFU mode + Apple Configurator 2.
9. Apple Silicon macOS Recovery
Apple Silicon macOS Recovery is almost exactly the same as it is on Intel Based Macs. The only difference is Security Policy options was moved from the Menu bar to the “Startup Disk”.
First line of defense, is macOS Recovery.
10. Apple Silicon System Recovery
Apple Silicon System Recovery is a new hidden recovery option in addition to macOS Recovery. If for some reason macOS Recovery becomes corrupt, System recovery will load which is the same as macOS recovery. You can use it to reinstall macOS and macOS Recovery.
System Recovery is a hidden non deletable container. It’s a new way to reinstall macOS when recovery is not available.
11. Both macOS Recovery and System Recovery are not available?
The blinking folder icon is now retired. If the Mac is not bootable, you will now see an old friend.
The sad Mac returns when Macintosh HD, Recovery and System recovery are not available.
12. Apple Silicon External Boot Options – USB Installer
On Apple Silicon external boot remains, but has changed.
External Boot for the macOS installer is now enabled by default
You no longer need to enter Security Options to enable External Boot!
You can build out a USB Installer of macOS Big Sur and boot your Apple Silicon Mac to it. The big difference that ONLY the installer is available for a reinstall of the OS. You can NOT erase the drive in this mode.
You can now boot a USB macOS installer without enabling external boot in Security options! It’s enabled by default.
13. How to Use Apple Configurator 2 to reinstall macOS on Apple Silicon
If all options to reinstall macOS fail you can now use Apple Configurator 2.
This will help with rapid deployment in lab / school situations.
14. Apple Silicon Security Policy
We know that an Apple Silicon Mac will have 2 Security modes.
Apple Silicon Security Policy menu
1.Full Security = “iOS Security” – Only the latest signed version of macOS can be installed on an Apple Silicon Mac.
Full Security
Ensures that only your current OS, or signed operating system software currently trusted by Apple, can run. This mode requires a network connection at software installation time.
WWDC 2020
2. Reduced Security = Any version of macOS that was signed by Apple.
Reduced Security
Allows any version of signed operating system software ever trusted by Apple to run.
WWDC 2020
With the new Apple Silicon Security Policy, you can set a security policy for each container! On an Intel based Mac the security policy would be set on the entire system.
New Apple Silicon Security Policy can be set differently on each container.
15. Apple Silicon Compatible Versions of macOS
Will you be able to install older versions of macOS? A quick review;
Full Security = iOS based security, only the latest signed version of macOS can run on the system.
Reduced Security = Any version of macOS that was signed by Apple can run on Apple Silicon
Note: The shipping OS version will be the oldest OS available to install.
16. Can I downgrade macOS on Apple Silicon?
Yes! But only with your Apple Silicon Security Policy set to “Reduced Security”.
17. How to use SMB Mac Sharing Mode (Replaces Target Disk Mode – TDM)
Target Disk Mode has been retired on Apple Silicon. It was replaced with Apple Silicon Mac Sharing Mode.
Boot to macOS recovery and then select “Mac Sharing Mode” you will be able to transfer data over USB-C cable. You will need to authenticate with a SecureToken User that is on the host Mac.
Mac Sharing MOde replaces Target Disk Mode.
18. Apple Mac Mini Developer Transition Kit (DTK)
New Mac Developer Transition Kit with Apple Silicon, a comprehensive set of resources, and one-on-one technical support, you’ll have everything you need to get your Universal apps ready before Apple Silicon Macs become available to customers.– developer.apple.com/programs/universal/
Universal App Quick Start Program – Get your Universal apps ready. The Universal App Quick Start Program includes all the tools, resources, and support you need to build, test, and optimize your next-generation Universal apps for macOS Big Sur. – developer.apple.com/programs/universal/apply/
5. What’s New for Enterprise and Education WWDC 2020 June 2020 (v1.0) (AppleSeed Account Required)– appleseed.apple.com
6. AppleSeed – macOS 11.0 Big Sur Beta Release Notes(AppleSeed Account Required) – appleseed.apple.com
23. WWDC20 Video Links
Port your Mac app to Apple Silicon – Your porting questions, answered: Learn how to recompile your macOS app for Apple Silicon Macs and build universal apps that launch faster, have better performance, and support the future of the platform. We’ll show you how Xcode makes it simple to build a universal macOS binary.developer.apple.com/videos/play/wwdc2020/10214/
What’s new in managing Apple devices. – iOS, macOS, tvOS We’ve made significant strides in bringing crucial device management features to macOS. Discover how these features can help you manage your all your devices using the same tools and technologies. Get details on changes coming this year and how they will impact your deployment workflows– developer.apple.com/videos/play/wwdc2020/10639/
iPad and iPhone apps on Apple Silicon Macs. – Apple Silicon Macs can run many iPad and iPhone apps as-is, and these apps will be made available to users on the Mac through the Mac App Store. Discover how iPad and iPhone apps run on Apple Silicon Macs, and the factors that make your apps come across better.– developer.apple.com/videos/play/wwdc2020/10114/
Explore the new system architecture of Apple Silicon Macs – Discover how Macs with Apple Silicon will deliver modern advantages using Apple’s System-on-Chip (SoC) architecture. Leveraging a unified memory architecture for CPU and GPU tasks, Mac apps will see amazing performance benefits. developer.apple.com/videos/play/wwdc2020/10686/
24. MacAdmin Blog Links
This list is specifically for MacAdmins. This will be an ongoing list of articles and posts that will help you learn the latest 11.0 changes.
MacOS Big Sur 11.0 -10.16 (20A4299v) Beta 1 was released today on June 22nd, 2020 at 2:00 CST right after the keynote.
macOS Big Sur 11.0 Patch Notes
Just like last year, the 11.0 beta 1 patch notes list is huge! The amount of detail is just what MacAdmins are looking for! Let me give you some stats from the 11.0 Beta 1 Patch notes document.
Updating to macOS Big Sur 11 beta from previous versions of macOS might take significantly longer than expected. Data loss could occur if the update is interrupted. (59101197)
If macOS Big Sur 11 beta is installed into the same APFS container as previous versions of macOS, system software updates can no longer be installed on the previous versions of macOS. (64411484)
Installing a new kernel extension requires signing in as an Admin user. During kernel extension development, every time a kernel extension is changed, it must be signed and notarized. In both cases, your Mac must be restarted to load the extension. (55068348)
If you updated to macOS Big Sur 11 beta from a previous version of macOS, Software Update might show “Unable to check for updates – Failed to download the documentation for the minor update. Please try again later”. (63158434)Workaround Below
Kernel extensions using certain deprecated KPIs no longer load. Refer to the support page. While macOS Big Sur remains in development, you can temporarily disable System Integrity Protection to allow these deprecated extensions to load. (55068348)
macOS Big Sur 11 beta improves system security by requiring an administrator password when a certificate trust settings change is made in the admin trust domain. Running as the root user alone is no longer sufficient to modify certificate trust. User trust domain settings continue to require confirmation by entering the password for the user’s account.
Now that macOS Big Sur 11.0 Beta is live, start testing as soon as you can! You will want to submit any bugs that you find into Apple ASAP. If you get bugs in quickly, they could be fixed in the current beta cycle instead of waiting until after the public release. If not, you could be waiting months before the fix is put into a dot release combo update.
macOS Big Sur 11.0 (20A4299v) Beta 1 Release Notes
I always post the full patch notes to this page to document them for you. The reason behind that is that Apple will usually just replace over the old patch notes so you are then unable to see what was fixed in the previous release.
Overview
The macOS 11 SDK provides support to develop apps for Macs running macOS Big Sur 11. The SDK comes bundled with Xcode 12 beta. For information on the compatibility requirements for Xcode 12 beta, see Xcode 12 Beta Release Notes.
General
Known Issues
Important
Updating to macOS Big Sur 11 beta from previous versions of macOS might take significantly longer than expected. Data loss could occur if the update is interrupted. (59101197)
Third-Party Apps
Known Issues
CMake might not run, install, or might generate invalid outputs. (62905973)Workaround: Update to CMake 3.18rc1.
Accessibility
Known Issues
VoiceOver might be unavailable at certain times while installing macOS Big Sur 11 beta. (63025357)
You might be unable to set up Auto Unlock. (64120075)
Calendar
Known Issues
If you click the Directions button on a calendar notification, Maps might not launch as expected. (63697152)
It isn’t possible to edit Calendar widgets. (63984003)
Accounts might not be visible in Preferences. (64117985)
Continuity
Known Issues
Continuity Handoff isn’t currently available in macOS Big Sur 11 beta. (64140413)
Core ML
Known Issues
When setting isSynchronizationEnabled to true on a MLModelCollection, the initial download may take longer than expected to complete. The collection then becomes available. (64131243)
Deprecations
The default initializer on the auto-generated model interface has been deprecated in favor of init(configuration:). Please use init(configuration:) or the newly introduced .load() method and handle model load errors as appropriate. (64432588)
Desktop Picture
Known Issues
If the desktop picture was never changed from the default macOS Catalina 10.15 image, it will persist after updating to macOS Big Sur 11 beta, even though the new default desktop picture is displayed in Desktop and Screen Saver preferences. (64390185)
Installer and Software Update
Known Issues
If you updated to macOS Big Sur 11 beta from a previous version of macOS, Software Update might show “Unable to check for updates – Failed to download the documentation for the minor update. Please try again later”. (63158434)Workaround:
Start up from macOS Recovery.
If your data volume is encrypted, use Disk Utility to mount it.
In Terminal type rm -rf "/Volumes/Macintosh HD - Data/private/var/folders/zz/zyxvpxvq6csfxvn_n00000y800007k".
Restart your Mac.
You might need to adjust Energy Saver settings so your Mac doesn’t go to sleep while preparing to install macOS Big Sur 11 beta. (63166401)
APFS containers with non-default allocation block sizes aren’t currently supported for installation. (64312561)
Update iMac Pro to macOS High Sierra 10.13.6 or later before installing macOS Big Sur 11 beta. (64314272)
Installation might pause on Macs that don’t have input devices connected. (64348347)Workaround: Connect an input device and dismiss the alerts to continue installation.
You might be unable to install macOS Big Sur 11 beta onto additional volumes. (63677460, 64445236)Workaround: Create a bootable installer using the createinstallmedia command.
Software Update might unexpectedly indicate updates for your Mac are being managed by swscan.apple.com, instead of indicating your Mac is enrolled in the Apple Beta Software Program. This doesn’t impact your ability to update macOS Big Sur 11 beta. (64407436)
If macOS Big Sur 11 beta is installed into the same APFS container as previous versions of macOS, system software updates can no longer be installed on the previous versions of macOS. (64411484)
Installation on Core Storage Fusion volumes with FileVault encryption enabled isn’t currently supported. (64472080)
Kernel
New Features
The kern.argmax limit has been increased, allowing programs to receive longer argument lists. (48661669)
Darwin kevent now allows non-parent processes to register for NOTE_EXITSTATUS, which delivers the same values as the wait() family of functions in the event data. Refer to the wait4() man page for more information. This event is subject to the following security checks:
The requesting process is allowed to send signals by sandbox restrictions.
The requesting process and the target process are running as the same user or the requesting process has root privileges. (58134463)
Known Issues
Installing a new kernel extension requires signing in as an Admin user. During kernel extension development, every time a kernel extension is changed, it must be signed and notarized. In both cases, your Mac must be restarted to load the extension. (55068348)
Remote panic dumps aren’t currently available. (57915324)
New in macOS Big Sur 11 beta, the system ships with a built-in dynamic linker cache of all system-provided libraries. As part of this change, copies of dynamic libraries are no longer present on the filesystem. Code that attempts to check for dynamic library presence by looking for a file at a path or enumerating a directory will fail. Instead, check for library presence by attempting to dlopen() the path, which will correctly check for the library in the cache. (62986286)
kmutil install might fail to build a development kextcache. (63772702)Workaround: Copy the release .elides to the locations of the development .elides:sudo cp /path/to/livemount/System/Library/KernelCollections/BootKernelExtensions.kc.elides /path/to/livemount/System/Library/KernelCollections/BootKernelExtensions.kc.development.elidessudo cp /path/to/livemount/System/Library/KernelCollections/BootKernelExtensions.kc.elides /path/to/livemount/System/Library/KernelCollections/BootKernelExtensions.kc.kasan.elides sudo cp /path/to/livemount/System/Library/KernelCollections/BootKernelExtensions.kc.elides /path/to/livemount/System/Library/KernelCollections/BootKernelExtensions.kc.debug.elidessudo cp /path/to/livemount/System/Library/KernelCollections/SystemKernelExtensions.kc.elides /path/to/livemount/System/Library/KernelCollections/SystemKernelExtensions.kc.development.elidessudo cp /path/to/livemount/System/Library/KernelCollections/SystemKernelExtensions.kc.elides /path/to/livemount/System/Library/KernelCollections/SystemKernelExtensions.kc.kasan.elidessudo cp /path/to/livemount/System/Library/KernelCollections/SystemKernelExtensions.kc.elides /path/to/livemount/System/Library/KernelCollections/SystemKernelExtensions.kc.debug.elides
Use only absolute paths with the --volume-root option of kmutil, and don’t use a trailing /. (63773848)
After removing a DriverKit extension, restart your Mac to complete uninstallation. (63995046)
Adhoc signed kernel extensions are displayed with a developer name of unknown in update dialogs and in Security preferences. (64215260)
Symbols exported by both xnu and Apple kernel extensions will change. Recompile your kernel extension with each update to macOS Big Sur 11 beta to ensure compatibility. (64262563)
Moving a kernel extension bundle out of /Library/Extensions might not completely uninstall it. (64331929)Workaround:
Remove the extension from /Library/Extensions.
Boot to macOS Recovery.
Run Terminal.
Enter the command kmutil invoke-panic-medic.
Restart your Mac.
Follow the prompt to open System Preferences and navigate to Security & Privacy.
Follow the prompt to restart.
An unexpected System Extension Updated alert for third-party kernel extensions which are included in macOS might appear. These include: Accusys, Inc., ATTO Technology, Inc., Areca Technology Corporation, CalDigit, Inc., HighPoint Technologies, Inc., Promise Technology Mobile Apps, and Other World Computing. (64337113)
Deprecations
Kernel extensions using certain deprecated KPIs no longer load. Refer to the support page. While macOS Big Sur remains in development, you can temporarily disable System Integrity Protection to allow these deprecated extensions to load. (55068348)
Localization
Known Issues
Certain languages might exhibit clipped or misaligned layout. (63105445)
Certain languages might display unlocalized text. (63105674, 64040564, 64045718)
Some keyboard shortcuts might not work when running macOS Big Sur 11 beta in a language other than English. (63834383)
Location
Known Issues
Widgets have access to location information even if the NSWidgetWantsLocation key isn’t in their Info.plist. (61953645)
New APIs are available for using os_log from Swift as part of the os framework:
A new type Logger can be instantiated using a subsystem and category and provides methods for logging at different levels (debug(_:), error(_:), fault(_:)).
The Logger APIs support specifying most formatting and privacy options supported by legacy os_log APIs.
The new APIs provide significant performance improvements over the legacy APIs.
You can now pass Swift string interpolation to the os_log function.
Note: The new APIs can’t be back deployed; however, the existing os_log API remains available for back deployment. (22539144)
Mac Catalyst
Known Issues
Content Extensions require a temporary workaround. (57442394)Workaround: Add the following key/value pair to the NSExtension dictionary in the Info.plist: "NSExtensionContainingViewControllerClass" = "_UNNotificationContentExtensionViewController".
If Messages is launched immediately after logging into iCloud, a login window might be displayed unexpectedly. (56309057)Workaround: Relaunch Messages after a few minutes or try restarting your Mac.
You might be unable to type in the photo picker search field when attaching a photo. (60011306)Workaround: Click the search field, press the tab key, then click the search field again.
You might receive an alert that indicates the maximum number of pinned conversations has been reached. (62919406)Workaround: Pin the conversation using drag and drop instead of using a swipe action or quick action with Haptic Touch.
Keyboard navigation to move focus between controls isn’t currently available. (63987810)
Messages Preferences are inaccessible until at least one message has been sent or received. (64122975)
Autocomplete fields and conversation titles aren’t visible while Messages is in full-screen mode. (64134303)
Message outlines might be missing when printing or exporting a conversation as a PDF. (64181169)
The first and last name fields in Messages Preferences might be misaligned. (64346872)Workaround: Set up your name in Messages Preferences by following the placeholder text then close and reopen Messages Preferences.
Metal
Known Issues
The logs property isn’t currently available from Swift while using Shader Validation. (64055248)
Migration Assistant
Known Issues
You might need to reset the password for a Standard account after migration, if the previous password doesn’t work. (63878129)Workaround: Log into an Admin account and change the Standard account’s password in the Users & Groups system preference.
Motion
Known Issues
Many elements of the user interface are currently missing when running Motion on macOS Big Sur 11 beta. (62531765)
Music
Known Issues
Music might quit unexpectedly while using the search field. (64183834)
Networking
New Features
Experimental HTTP/3 support can be enabled in Safari via Experimental Features in the Developer menu, and enabled system-wide using the Terminal command defaults write -g CFNetworkHTTP3Override -int 3. (62969220)
Known Issues
HTTP/3 Draft 29 isn’t yet supported. (63524866)
Phone and FaceTime
Known Issues
Regular and emergency Wi-Fi calling using iPadOS 14 beta, macOS Big Sur 11 beta, and watchOS 7 beta isn’t currently available for T-Mobile USA customers. (63078572)
Quartz
Known Issues
Importing Quartz or PDFKit frameworks in the macOS SDK might result in an errors such as “Umbrella for module ‘Quartz.PDFKit’ already covers this directory”. (63886438)
Safari and Webkit
New Features
Support for Web Extensions is now available. Existing Chrome and Firefox extensions can be converted for Safari using xcrun safari-web-extension-converter and distributed through the App Store for use in Safari 14. (55707949)
Webpage Translation is now available in the U.S. and Canada. Supported languages include English, Spanish, Simplified Chinese, French, German, Russian, and Brazilian Portuguese. Safari will automatically detect if translation is available based on your Preferred Languages list. (64437861)
Known Issues
Safari might quit unexpectedly when opening the Start Page if Frequently Visited Sites are visible as thumbnails. (63945984)Workaround: Make the window wider, hide the sidebar, or Control-click on Frequently Visited Sites and choose View as Icons.
Security
New Features
macOS Big Sur 11 beta improves system security by requiring an administrator password when a certificate trust settings change is made in the admin trust domain. Running as the root user alone is no longer sufficient to modify certificate trust. User trust domain settings continue to require confirmation by entering the password for the user’s account. This change may affect you if one of the following is true:
You have written scripts which call /usr/bin/security add-trusted-cert -d ... as root.
Your process runs as root and calls the SecTrustSettingsSetTrustSettings function to trust a certificate.
Workflows that add trust settings in the admin trust domain, such as for an enterprise root certificate, may require modification if the user can’t authenticate as an administrator at the time settings are changed. (21855995)Workaround: Use Apple Configurator 2 to create and install a configuration profile containing your root certificate.
Spotlight
Known Issues
When quickly typing a search query in Spotlight, the result from a previous search might appear, then pressing return may create a wrong launch shortcut for subsequent queries. (64428836)Workaround: Type your query and click the desired result from the list that appears.
If you can’t find an application using Spotlight, launch the application at least once using Finder. (64463806)
SwiftUI
Known Issues
Disclosure groups in Forms might produce unexpected results. (64079102)
Nested disclosure groups generated by OutlineGroup might produce unexpected results. (64097731)
The SceneStorage property wrapper isn’t yet supported. (64414712)
A label used with a symbol image might appear misaligned. (60193698)
SystemExtensions
Known Issues
Driver extensions might not launch on-demand after installation. (51229724)Workaround: Disable System Integrity Protection, then launch Terminal and execute the following command before approving the newly installed driver: sudo touch /Library/DriverExtensions.
Touch ID
Known Issues
Touch ID might become unexpectedly disabled on Macs with a T2 Security Chip after installing multiple operating systems. (62608379)Workaround: Reset the SMC of your Mac.
Rebuilding against the iOS 14, macOS 11, watchOS 7, and tvOS 14 SDKs changes uses of GeometryReader to reliably top-leading align the views inside the GeometryReader. This was the previous behavior, except when it wasn’t possible to detect a single static view inside the GeometryReader. (59722992) (FB7597816)
MacOS Big Sur 11.0 – Updated Index of Need to Know Changes & Links
WWDC 2020 – macOS Big Sur 11.0
WWDC is here again! For the first time ever, Apple’s Worldwide Developers Conference will be 100% Virtual. MacAdmins everywhere are wondering what changes macOS Big Sur will bring and how deployment workflows will be affected. I hope to help you answer multiple question with this article. This year I will follow the same format as my previous MacOS 10.15 Catalina – Updated Index of Need to Know Changes & Links post. Be sure to check back frequently, I will keep you up to date with the latest macOS Big Sur 11.0 changes!
macOS Big Sur brings a refined new design, powerful controls, and intuitive customization options to the most advanced desktop operating system in the world.
Faster updates – Once macOS Big Sur is installed, software updates begin in the background and complete faster than before — so it’s easier than ever to keep your Mac up to date and secure.
Updated menu bar – The menu bar is now taller and more translucent, allowing your desktop picture to extend from edge to edge. Words lighten or darken based on the color of your desktop picture. And pull-down menus are larger, with more space between the lines to make everything easier to read.
Floating Dock – The redesigned Dock is lifted from the bottom of your display and is more translucent, allowing your desktop wallpaper to shine through. And app icons are all-new and even easier to recognize.
Updated Notification Center – A redesigned Notification Center puts all your notifications and widgets into a single, dedicated column. Notifications are automatically sorted by most recent, and redesigned Today widgets deliver information at a glance.
New icons for apps – App icons have been redesigned to feel both familiar and fresh. Icons have a uniform shape but retain the stylistic touches and details that give Mac its character.
New and updated sounds – System sounds are all-new and even more pleasing to the ear. The new system alerts were created using snippets of the originals, so they sound familiar.
New Control Center – Designed just for Mac, the new Control Center consolidates your favorite menu bar items into a single place to give you instant access to the controls you use most. Just click the Control Center icon in the menu bar and adjust Wi-Fi, Bluetooth, AirDrop, and other settings — without opening System Preferences.
Signed system volume – macOS Big Sur introduces a cryptographically signed system volume that protects against malicious tampering. It also means that your Mac knows the exact layout of your system volume, allowing it to begin software updates in the background while you work.
Safari extensions on the App Store – An all-new extensions category on the App Store showcases Safari extensions with editorial spotlights and top charts, making it easier to discover great extensions from developers. All extensions are reviewed, signed, and hosted by Apple for your security.
Privacy information on the App Store – A new section on each app’s page on the App Store will help you understand the privacy practices of the app before you download it.9 It’s similar to the way nutrition labels help you understand what’s in food before you buy it.
Self-reported privacy practices – Developers self-report their app privacy practices on the App Store.9 See the types of data their app might collect — like usage data, contact information, or location — and whether that data is shared with third parties.
App Privacy is Displayed in a simple format – Just as nutrition labels are convenient and easy to read, an app’s privacy information on the App Store is displayed in a consistent, simple format.9 This lets you quickly and easily understand the app’s privacy practices.
New Mac Developer Transition Kit with Apple Silicon, a comprehensive set of resources, and one-on-one technical support, you’ll have everything you need to get your Universal apps ready before Apple Silicon Macs become available to customers.– developer.apple.com/programs/universal/
Universal App Quick Start Program – Get your Universal apps ready. The Universal App Quick Start Program includes all the tools, resources, and support you need to build, test, and optimize your next-generation Universal apps for macOS Big Sur. – developer.apple.com/programs/universal/apply/
10. What’s New for Enterprise and Education WWDC 2020 June 2020 (v1.0) (AppleSeed Account Required)– appleseed.apple.com
11. AppleSeed – macOS 11.0 Big Sur Beta 1 (20A4299v) Release Notes(AppleSeed Account Required) – appleseed.apple.com
16. WWDC20 Video Links
Platforms State of the Union – iOS, macOS, tvOS, watchOS Join the worldwide developer community for an in-depth look at the future of Apple platforms, directly from Apple Park. – developer.apple.com/videos/play/wwdc2020/102/
Adopt the new look of macOS – Make over your Mac apps: Discover how you can embrace the new design of macOS Big Sur and adopt its visual hierarchy, design patterns, and behaviors. We’ll explore the latest updates to AppKit around structural items and common controls, and show you how you can adapt more customized interfaces. – /developer.apple.com/videos/play/wwdc2020/10104/
Create great enterprise apps.A chat with Box’s Aaron Levie iOS, macOS Discover how organizations like Box are adapting to changing conditions in the business world and remote work. Listen to Apple’s Vice President of Cloud Services Mike Abbott and Box CEO and co-founder Aaron Levie chat about the modern working environment, how cloud-based apps are helping people. developer.apple.com/videos/play/wwdc2020/10204/
Port your Mac app to Apple Silicon – Your porting questions, answered: Learn how to recompile your macOS app for Apple Silicon Macs and build universal apps that launch faster, have better performance, and support the future of the platform. We’ll show you how Xcode makes it simple to build a universal macOS binary.developer.apple.com/videos/play/wwdc2020/10214/
What’s new in managing Apple devices. – iOS, macOS, tvOS We’ve made significant strides in bringing crucial device management features to macOS. Discover how these features can help you manage your all your devices using the same tools and technologies. Get details on changes coming this year and how they will impact your deployment workflows– developer.apple.com/videos/play/wwdc2020/10639/
Part 2
iPad and iPhone apps on Apple Silicon Macs. – Apple Silicon Macs can run many iPad and iPhone apps as-is, and these apps will be made available to users on the Mac through the Mac App Store. Discover how iPad and iPhone apps run on Apple Silicon Macs, and the factors that make your apps come across better.– developer.apple.com/videos/play/wwdc2020/10114/
Build an Endpoint Security app – System Extensions improve the reliability and security of macOS. Learn about the modern replacement for Kernel Authorization KPIs and discover tips for making a great security product with the Endpoint Security framework. – developer.apple.com/videos/play/wwdc2020/10159/
Custom app distribution with Apple Business Manager – Apple Business Manager is the best way to manage and deploy business apps to your employees and customers. Whether you’re a developer, business owner, or IT administrator, we’ll showcase the benefits of Custom apps for each role and provide guidance on each step in the process. – developer.apple.com/videos/play/wwdc2020/10667/
Explore the new system architecture of Apple Silicon Macs – Discover how Macs with Apple Silicon will deliver modern advantages using Apple’s System-on-Chip (SoC) architecture. Leveraging a unified memory architecture for CPU and GPU tasks, Mac apps will see amazing performance benefits. developer.apple.com/videos/play/wwdc2020/10686/
Leverage enterprise identity and authentication – Empower your organization with the right tools while protecting privacy and security. Discover Apple’s identity management tools for enterprise, and how they can help you create a smoother experience for users when signing in to devices, apps and websites. – developer.apple.com/videos/play/wwdc2020/10139/
Introducing StoreKit Testing in Xcode – Discover StoreKit Testing in Xcode — a local environment for testing your in-app purchases without needing to connect to App Store servers. We’ll show you how to set up a test environment, create a StoreKit configuration file, and prepare to validate receipts locally. – developer.apple.com/videos/play/wwdc2020/10659/
Part 3
Discover AppleSeed for IT and Managed Software Updates – With AppleSeed for IT, you can help your school or business test pre-release versions of Apple software and provide valuable feedback directly to Apple. We’ll guide you through getting started in AppleSeed for IT and provide insight on how to file great feedback collaboratively. developer.apple.com/videos/play/wwdc2020/10138/
Boost performance and security with modern networking – Speed up your app and make it more nimble, private and secure with modern networking APIs. Learn about networking protocols like IPv6, HTTP/2, TLS 1.3 and Encrypted DNS, and how incorporating these within your app and server can provide faster performance and reduce both your power consumption – developer.apple.com/videos/play/wwdc2020/10111/
What’s new in Education. – For over 40 years, Apple has been working with educators to create technologies for students, teachers, and school administrators and help them share in a rich and meaningful learning experience. Explore the breadth of Apple’s education technologies, including classroom management apps and tools. – developer.apple.com/videos/play/wwdc2020/10658/
What’s new in Mac Catalyst – Discover the latest updates to Mac Catalyst and find out how you can bring your iPadOS app to the Mac. Explore enhancements to the application lifecycle, integrate new extensions into your apps, and learn how the new look and feel of macOS impacts Mac Catalyst apps. –developer.apple.com/videos/play/wwdc2020/10143/
Build trust through better privacy – Privacy is a more important issue than ever. Learn about Apple’s privacy pillars, our approach to privacy, and how to adopt the latest features on our platforms that can help you earn customer trust, create more personal experiences, and improve engagement. –developer.apple.com/videos/play/wwdc2020/10676/
Boot to Internet Recovery, Recovery Partition or Diagnostics from macOS using nvram or Recovery Selector.app
How to Boot to Internet Recovery, Recovery Partition or Diagnostics from inside macOS.
UPDATE 01/25/21 – Martin Nobel @martinnobel_ – If you want to make an Intel Mac boot into the Startup Manager automatically, type into terminal: “Sudo nvram manufacturing-enter-picker=true”
This means that we can boot to almost every single recovery mode EXCEPT for Internet Recovery!
When an undocumented macOS command or option is discovered, the MacAdmin community gets pretty excited. This is one of those times, as a new nvram key and value was uncovered over the weekend.
If you need to boot to Internet Recovery, you first need to remember the Mac Boot Up Keyboard Combination. Can you remember all of them? I can’t and I work on this stuff every day! Below is the complete list Mac Startup Key Combinations. The second article adds two additional keyboard combinations bringing the total to twelve! The first one will “Reinstall the macOS that came with your Mac, or the closest version still available.” The second command will “Upgrade to the latest macOS that is compatible with your Mac.”
Tim, announcing the first version of Recovery Selector.app that could boot to the Recovery Partition from macOS.
Tim found an undocumented nvram command that you could use to boot your Mac to the Recovery Partition from macOS! From there, he had an idea to create an open source app that would allow you to boot to the Recovery Partition without knowing the exact command.
Someone found additional nvram keys and values!
I replied to Tim’s tweet letting him know that I put in an Apple Enterprise Support ticket to see if we could uncover if an Internet Recovery key existed. Before I could hear back from support, someone found and sent the new key internet-recovery-mode over to Tim. He then improved the app allowing you to boot into four different modes!
Nvram Keys and Values
The commands that we needed are set with two different keys and four different values.
The new values and keys are
recovery-boot-mode = Local Recovery Partition Value
unused Boot to Recovery Partition
internet-recovery-mode = Internet Recovery Value
RecoveryModeNetwork Internet Recovery (Shift-Option-⌘-R)
RecoveryModeDisk Recovery Partition (⌘- R)
DiagsModeDisk Boot to Local Apple Hardware Diagnostic (D)
DiagsModeNetwork Boot to Internet/AST Diagnostic (Option-D)
Let’s put it all together, keep in mind you must run the nvram as an administrator.
All four different nvram internet-recovery-mode values and keys
Your Mac will immediately reboot and start up in Internet Recovery Mode.
Compatibility, Caveats and Requirements
UPDATE 01/27/20
I tested the above commands with the following hardware and OS versions.
2018 T2 15″ MacBook Pro = 10.15.3 Beta 2
2016 13″ MacBook Pro = 10.14.6
2010 13″ MacBook Air = 10.13.6
This should confirm that the command works from 10.13.6-10.15.3 and on Mac Hardware from 2010-2019.
Network Requirements (For Internet Boot Options)
Wired Ethernet Connection
Wifi = Any WPA2 saved connection.
WPA2 Enterprise WIFI is NOT Supported
The WiFi network Internet Recovery will the Top “Preferred Network” listed to boot to Internet Recovery. If for some reason the Mac can’t connect to that network you will be prompted in firmware to connect to a different WiFi network or ethernet network.
Boot Security Requirements
Firmware Password Protection – can be ON or OFF. If ON then you will be required to enter in the firmware password.
Secure Boot – can enabled , the commands works fine.
FileVault – can be enabled, you do not have to enter in your FV2 password.
Restart Requirements
You do not have to reset the boot disk, clear out nvram commands or reset anything. When you restart the Mac, it will boot right back into macOS.
Twocanoes Recovery Selector.app = Easy Mode!!!
Are you going to remember all of the different nvram keys and values?
Probably not
Why not use one simple open source application to do this for you?
Recovery Selector.app menu = easy mode for your test Mac or VM!
Tim had the great idea to take all the above command options and put them into one application. Two clicks gets your Mac rebooted to the Recovery Partition, Internet Recovery, Local HW Diagnostics or Internet HW Diagnostics.
Note: Admin access to reboot is not required, the app uses a LaunchDaemon.
You can download and try Recovery Selector.App below.
We are only missing one critical nvram Internet Recovery Value.
We are only one nvram value away from perfect.
Option-⌘-R
“Upgrade to the latest macOS that is compatible with your Mac.“
I am going to change my Apple Enterprise Support ticket into an Enhancement Request. If this final value is added we will have all 5 boot modes available in macOS.
If you have any questions please comment below or Contact Me!
Zoom Vulnerably Remediation, 14 Total variants & RCE found. Index of Zoom & MRT Links & Info
14 total Zoom Vulnerably / Exploit variants and a RCE Remote Code Execution found!
Just when you had enough of the first Zoom Vulnerably, Apple released MRTConfigData 1.46 (now 1.47!) to deal with 14 total variants and a Remote Code Execution (RCE) . I created this Index of MRT Links & Info to help you get through the confusion.
UPDATED: 07/18/19 – MRTConfigData 1.47 released and 3 more Zoom variants! Brings the total to 14.
MRT Malware Removal Tool Index
1. List of zoom opener variants and MRT versions
2. MRTConfigData Compatible OS versions.
3. Software Update & MRT Commands
4. Malware Removal Tool Documentation
5. Caveats of installing MRTConfigData and how the MRT scan works differently in 10.14 vs 10.13
6. Other ways to install MRT updates
7. Digging into the MRT Binary
8. More questions, Problems and Errors
9. Links to scripts and other MacAdmin articles
10. Disclaimer
1. List zoom opener variants and MRT Versions
How do we even know which variants are included in MRTConfigData v1.45 and v1.46? (Now 1.47!) The only way to find out is to dig into the MRT Binary Code. I talk about how I found the new variants a little more in section 7 below.
We now have 14 new Zoom Opener variants to worry about. Each one is a hidden folder listed in your user folder!
MRT Versions
1. MRTConfigData v1.45 – 7/10/19
2. MRTConfigData v1.46 – 7/16/19
3. MRTCOnfigData v1.47 -7/18/19
Zoom Variants
1. /.zoomus – 1.45
2. /.ringcentralopener – 1.46
3. /.telusmeetingsopener– 1.46
4. /.btcloudphonemeetingsopener– 1.46
5. /.officesuitehdmeetingopener– 1.46
6. /.attvideomeetingsopener– 1.46
7. /.bizconfopener– 1.46
8. /.huihuiopener – 1.46
9. /.umeetingopener– 1.46
10./.zhumuopener– 1.46
11./.zoomcnopener– 1.46
12./.earthlinkmeetingroomopener – 1.47
13./.videoconferenciatelmexopener – 1.47
14./.accessionmeetingopener – 1.47
2. MRTConfigData Compatible OS versions.
You can run the MRTConfigData update on the following macOS versions.
Mojave 10.14
High Sierra 10.13
Sierra 10.12
El Capitan 10.11 (Note: You can only usesoftwareupdate -ia --backgroundas the --include-config-dataoption was new in Sierra 10.12)
3. Software Update & MRT Commands
Let’s get right to it, here are the commands again if you want to remediate right now!
1. Check for config data updates:/usr/sbin/softwareupdate -l --include-config-data
2. Manual Install of MRT v1.47:/usr/sbin/softwareupdate -i MRTConfigData_10_14-1.47 --include-config-data
3. Verify Version of MRT:/usr/bin/defaults read /System/Library/CoreServices/MRT.app/Contents/Info.plist CFBundleShortVersionString
4. Force Run MRT.app in Agent mode:/System/Library/CoreServices/MRT.app/Contents/MacOS/MRT -a
If MRT finds Zoom the manual scan will look like this.
A manual MRT -a agent scan found ZoomOpener and deleted it.
4. Malware Removal Tool Documentation
Apple has not documented how the MRT Scan works. The MRT Tool is called out with just a few lines in the macOS Security Overview for IT.
macOS Security Overview for IT 2018
Apple refers to MRT updates as “Silent or Quiet Update” when referenced in the media. The MRT Binary doesn’t have a MAN page or a -help section. Targeted malware variants are not documented. Sounds like a job for #MacAdmins!!!
5. Caveats of installing MRTConfigData and how the MRT scan works differently in 10.14 vs 10.13
You need to know about a few caveats with this process. I have tested the installation and scan multiple times and found differences in each OS! Let’s start with Mojave 10.14 then move to High Sierra 10.13.
MRT in Mojave 10.14.5
When you manually install the MRTConfigData update the MRT.app will automatically run a MRT Scan!
You only have to worry about other users who may have installed any of the opener variants as the MRT Scan only runs for the logged in user only.
A restart and Logout/Login will kick off a manual MRT Scan.
You can run a script that Rich wrote that will remove zoom from all logged in users.
When you manually install the MRTConfigData update the MRT Scan will NOT run automatically!!!
You will need to run the MRT.app agent scan manually to remove any zoom variants.
TLDR: Installing MRTConfigData in 10.14 automatically kicks off the MRT.app scan, while in 10.13 the MRT scan does NOT run automatically.
H/T to @howardnoakley and @alvarnell for pointing out that after installing MRTConfigData the MRT Scan kicks off automatically. I did not know it at the time but they were testing in 10.14. All my testing was on 10.13, so thats why I was getting different results!
6. Other ways to install MRT updates
If you are on Mojave 10.14.5 you will automatically get the MRTConfigData update as long as you have the following SoftwareUpdate Settings set to ON.
Software Update – Required settings to get “System Data Files and Security Updates”
As long as you have these settings set to ON your Mac should automatically check in for new updates and install them every 24 hours.
For the com.appleSoftwareUpdate.plist file you need the following settings set to ON.
If you want to install all background updates now without waiting you can issue the following command.
sudo softwareupdate --background --include-config – Only background updates
or
sudo softwareupdate -ia --include-config-data – Background updates AND OS level Updates
NOTE! The -ia option will install ALLavailable software updates including Combo, Safari and Security Updates.
The above commands will only install Xprotect updates if you have all the automatic software update settings set to ON.
7. Digging into the MRT Binary
Apple does not list the targeted malware variants anywhere, so the only way to find them is to dig into the MRT Binary Code. You cant just open the code inside MRT as it has thousands of lines of code. You have to first compare the current version to the old one. This will give you the first clues, as each piece of malware is given a code. In this case it was MACOS.354c063.
Now that we have the Malware Family ID we can then search the MRT Binary using a disassembler application. A disassembler like Hopper is used to view the actual code of the new MRT binary.
BINGO!!! The actual code calling out /.zoomus/ZoomOpener.app
8. More questions, Problems and Errors
We still have questions about how the MRT works especially the MRT -d or daemon mode. I have even reached out to Apple for an answer on this.
Howard Oakley wrote a great article looking into this.
The Zoom Client before 4.4.53932.0709 on macOS allows RCE remote code execution – CVE-2019-13567
Apple.com – About background updates in macOS Mojave Your Mac automatically installs background updates for the security configuration and data files used by macOS. – support.apple.com/en-us/HT207005
Howard Oakley – twitter.com/howardnoakley – eclecticlight.co – Howard really dug into this when it first came out writing multiple articles on the zoom exploit. He also has multiple applications that he wrote that will help you, including one called SilentKnight that will tell you if all your XProtect definitions are up to date.
Rich Trouton – twitter.com/rtrouton – derflounder.wordpress.com – Rich has written the best script yet to remediate the Zoom venerability on all user accounts.
Macadmins.slack.com – You can also talk about the Zoom Vulnerability and join the #zoom channel or #security in MacAdmins Slack.
10. Disclaimer
I tried to test and research as much as possible to save you time. I hope this Index of MRT Links & Info helps you, but since this issue revolves around security please double check and test before you deploy. After deployment check again that the files inside the opener are in fact deleted.
Today Apple released macOS Catalina 10.15 (19A487l) Beta 2 to Developers.
MacOS Catalina 10.15 (19A487l) Beta 2 was released today June 17th, 2019 at 12:00 CST. Beta 2 was released just two short weeks after 10.15 Catalina was first announced at WWDC19.
Unprecedented detail in 10.15 Beta 2 patch notes.
When I first looked at the 10.15 Beta 2 patch notes, I could’t believe the detail that was put into them. The amount of detail is something that we have not seen before in previous patch notes. Let me give you some stats from the 10.15 Beta 2 Patch notes document.
17 Deprecationsin 10.15 Beta 2
19 New Features in 10.15 Beta 2
57 Resolved issues in 10.15 Beta 2
84 Known Issues – Core OS, Apps, Xcode & SwiftUI
You have to realize that we are lucky to get 10 items in previous patch notes releases. This is a huge welcome change, and what we have been looking for from Apple for a long time.
Report your bugs NOW!
Now that 10.15 Beta is live, be sure you begin testing as soon as you can. You will want to get any bugs that you find into Apple now. If you get them in now, they could be fixed in the current beta cycle instead of waiting until after September’s release date. If you wait it could be months before the fix is put into a dot release combo update.
10.15 (19A487l) Beta 2 Release Notes
I always post the full patch notes to this page to document them for you. The reason behind that is that Apple will usually just replace over the old patch notes so you are then unable to see what was fixed in the previous release.
Overview
The macOS 10.15 SDK provides support for developing apps for Macs running macOS Catalina 10.15. The SDK comes bundled with Xcode 11 beta available from Beta Software Downloads. For information on the compatibility requirements for Xcode 11, see Xcode 11 Beta 2 Release Notes.
General
New Features
Installing third party kernel extensions now requires that you restart your Mac before they’re permitted to load. (50340461)
Known Issues
If you used Migration Assistant to migrate your data to a Mac running macOS Catalina beta, you might see only third-party applications when clicking the Applications shortcut in the Finder sidebar. (51651200)Workaround: In Finder > Preferences > Sidebar, select the Applications favorite, then remove the Applications shortcut from the sidebar that displays incorrect results.
WarningYour Secure Token might be lost if FileVault is enabled on a non-APFS formatted volume while upgrading to macOS 10.15. You might be able to work around this by disabling FileVault before upgrading to macOS 10.15, then reenabling FileVault once the upgrade has completed. (51091312)
During installation of macOS 10.15 you might be prompted to enter your administrator password multiple times to allow installation to proceed. (51206649)
Some apps might not automatically relaunch after installation or updating and must be manually relaunched. (51228752)
Resolved Issues
You can install macOS 10.15 onto an encrypted volume even if it’s not already formatted as APFS. (51127640)
The Install macOS 10.15 app runs as expected on macOS 10.9. (50868081)
You don’t need to upgrade to macOS Mojave 10.14 before upgrading to macOS 10.15. (50181382)
Migration Assistant correctly migrates data from a Mac running macOS 10.15 to another Mac running macOS 10.15. (50894629)
During upgrades to macOS 10.15, files and folders stored at the root-level of a volume are no longer moved aside to /Library/SystemMigration/History/Migration-UUID/QuarantineRoot/. (45378791)
On Macs with the Apple T2 Security Chip, if you’ve used Startup Security Utility to lower Secure Boot to Medium Security or No Security, you can modify Secure Boot settings after upgrading to macOS 10.15. (51043128)
Deprecations
macOS frameworks are now thinned for the x86-64 architecture. Apps that execute i386 code now fail with the EBADARCH error code. The remaining stub frameworks are nonfunctional and exist only for compatibility purposes. (51236070)
Accessibility
Known Issues
VoiceOver feedback sounds are currently unavailable while in macOS Recovery. (48218068)
Resolved Issues
On Macs with the Apple T2 Security Chip, VoiceOver is available again while in macOS Recovery. (49870874)
App Store
Known Issues
Some apps, such as Final Cut Pro, Motion, Compressor, and iMovie can’t be found using Search. (51245576)Workaround: If you previously purchased the apps, you can download them again from Account > Purchased.
Apple CryptoKit
Known Issues
When using the SecureEnclave API with access control set on keys, users might not be prompted to authenticate. This might cause subsequent operations requiring authentication to fail. (51279188)
Apple File System (APFS)
Resolved Issues
You can use volume replication with Fusion volumes as a source or destination. (51114645)
Apple TV
Known Issues
Support for signing in with an account from a different country is currently unavailable. (51240948)
Resolved Issues
Support for Dolby Atmos content and downloads is now available. (51050344)
Apple TV remembers the previously selected tab when you relaunch it. (50922604)
The option to show only offline downloads is now available. (50997542)
Navigating using the back button behaves as expected. (51207403)
AppleEvents
New Features
To enhance security, AppleEvents and AppleScripts that target an app on a remote system must authenticate as the same user on the remote system. An AppleEvent that targets an app running as a different user receives a procNotFound error.To allow remote AppleEvents to target apps in any user session, run the following command in Terminal on the server:defaults write /Library/Preferences/com.apple.AEServer RestrictAccessToUserSession -bool false
Then disable and reenable Remote Apple Events in System Preferences > Sharing. (5353592)
Audio
New Features
You can now enable voice processing mode on AVAudioEngine. (50906329)
You can use new AVAudioNode types to wrap a user-defined block for sending or receiving data in real-time.
A new method is available for an AVAudioEngine based app to retrieve a list of all nodes attached to an AVAudioEngine instance.
A new rendering mode in AVAudioEnvironmentNode selects the best spatial audio rendering algorithm automatically based on the output device.
A new AVAudioSession property allows system sounds and haptics to play while the session is actively using audio input.
A new property, AVAudioSession.PromptStyle informs apps which style of voice prompt they should play based on other audio activity in the system.
The AVAudioSession.RouteSharingPolicy enumeration is extended to allow apps to specify route sharing policies so their audio and video is routed to the same location as AirPlay.
Audio Unit Extensions now support user presets that are available across all host apps.
Deprecations
The OpenAL framework is deprecated and remains present for compatibility purposes. Transition to AVAudioEngine for spatial audio functionality.
Inter-App audio is deprecated. Use Audio Units for this functionality.
Carbon component-based Audio Units are deprecated and support will be removed in a future release.
Legacy Core Audio HAL audio hardware plug-ins are no longer supported. Use Audio Server plug-ins for audio drivers.
AVFoundation
New Features
AVFoundation now supports encoding video with alpha channels using HEVC. Videos encoded in this manner are broadly supported in AVFoundation APIs and by Safari within web pages. Technical details of the format can be found in the Interoperability Profile specification. (8045917)
Deprecations
The previously deprecated 32-bit QuickTime framework is no longer available in macOS 10.15.
The symbols for QTKit, which relied on the QuickTime framework, are still present but the classes are non-functional.
Books
Known Issues
After migrating, audio books might not appear until you restart your Mac. (50823065)
If the ‘Restrict books with explicit content’ setting is enabled, your purchased books might be unexpectedly hidden. (51602141)
Books stored in iCloud Drive might take several minutes to appear in your Library. (51435740, 50776390)
You might be unable to import books into your library until you restart your Mac. (50962112)
After upgrading to macOS Catalina beta, locally downloaded cloud items might move back to iCloud. (51306790)
Resolved Issues
Books and PDFs imported into the Books app upload to iCloud Drive. (47124224)
Camera
Known Issues
Apps using Picture Taker must specify the NSCameraUsageDescription key to access the FaceTime camera. (47916725)
Console
Known Issues
Applying a filter to console messages might fail. (51524242)
Metal CIKernel instances now support arguments with arbitrarily structured data.
Metal CIKernel instances now support returning a group of two by two pixels.
The integer values of CIFormat symbols, such as ARGB8, have changed to a new set of values which are consistent across platforms. The former values remain supported for backward compatibility; however, you should avoid dependancies on specific numerical values.
Core Media
Known Issues
You might see unexpected results when creating 10-bit HEVC video content. (50322535)
Device Management
Known Issues
Sending a Volume Purchase Program download request to a client from a Mobile Device Management server might cause an authorization dialog to appear on the client. (49376544)
Resolved Issues
You can now log in while creating a mobile account on a server with Mobile Device Management Bootstrap Token support. (50912641)
After installing a Device Profile with PrintMACAddress=true, the user’s MAC address prints as expected. (51003427)
DriverKit
Known Issues
The Filter Packet network extension type and NWEthernetChannel API don’t currently work with network interface drivers implemented using DriverKit. (48709552)
Resolved Issues
You no longer need to unplug and reattach the accessory cable to enumerate a user space driver if that driver quits unexpectedly or you restart your Mac,. (50042397)
EndpointSecurity
Known Issues
The exec and open events are cached, however the cache entries aren’t invalidated when the file is manipulated. exec events are cached based on the executable and open events are cached as a product of the executable and the target file being opened. (45497117)
The kauth API will be removed in a future release. (50419013)
FileVault
Known Issues
Password reset for FileVault volumes from macOS Recovery doesn’t function as expected. (50455695)Workaround: While in macOS Recovery, launch Terminal from the Utilities menu, then type resetpassword and press return. In the window which appears, select ‘My keyboard isn’t working when typing my password to log in’.
Final Cut Pro
Known Issues
You might be unable to access content from your Photos library. (51600540)
Finder
Resolved Issues
Finder no longer quits unexpectedly when you try to restore using the Time Machine interface. (49398715)
Files can be copied from and deleted on an iOS device using the Files tab in Finder. (48649759)
You can now download folders from iCloud properly. (50855741)
When iCloud Desktop is enabled, attempting to drag a volume mounted on the desktop no longer results in the volume being copied to the Desktop. (51187890)
iCloud
Known Issues
You might see multiple empty Application libraries within iCloud Drive. You can safely remove the empty folders. (51635803)
The content of folders inside an iCloud Shared Folder might not be available to other users viewing your shared folder. (51591135)
Turning off the Siri switch in iCloud settings doesn’t stop Significant Locations from syncing. To stop syncing, turn off the Significant Locations switch. (50908297)
The Cloud Files section in About This Mac > Storage > Manage might inaccurately represent the current state of files on your Mac. (50362095)
Even when Optimize Storage is switched off, iCloud Drive might fail to automatically download all files. (50667204)Workaround: Download files individually.
Pages, Numbers, and Keynote documents in shared folders can only be opened on macOS and iOS. iWork documents in shared folders are currently inaccessible from iCloud.com. (50738067)
When creating a new Pages, Numbers, or Keynote document in a shared folder, you might see the message “Couldn’t connect to iCloud”. (50827963)Workaround: Close and reopen the document.
Resolved Issues
Your desktop is no longer empty after upgrading to macOS 10.15 if you’re using iCloud Drive to sync Desktop & Documents folders. (50789836)
Currently, you’re unable to import AppKit and UIKit modules in the same compilation unit. If you want to import AppKit headers into an iPad App on Mac, you can import the individual AppKit header in Objective-C, or you can create a bridging header to import the individual AppKit header for Swift. (48094910)
The UIScreen class’s isCaptured API isn’t currently supported. (48360589)
When donating interactions using the INInteraction class on macOS, the completion handler is invoked with an error which can be safely ignored. (48371526)
The current property on UIDevice and the OS Product Name is currently returned as iOS rather than macOS, which can affect diagnostic logs generated by your system. (49792004)
Event handling in extension contexts may produce unexpected results, including failure to deliver trackpad pinch and zoom gestures. (50145462)
When sending Mail attachments via MessageUI, each attachment might appear as two icons when viewed by the recipient. (50369995)
Controls drawn with accent color incorrectly maintain their active color when the window is inactive. There is no need to work around this in your app. (50563638)
The UIKit module currently doesn’t import the newly added NSToolbar and NSTouchBarheaders, NSToolbar+UIKitAdditions.h and NSTouchBar+UIKitAdditions.h. You can import these headers directly in Objective-C, or you can create a bridging header to import them for Swift. Be sure to import Foundation before importing these headers. (50704322)
For iPad Apps on Mac to save to Photos Library, explicitly linking the Photos framework is required. (50781430)
Opening a CloudKit share URL might not launch an iPad App on Mac that’s present on the system. Additionally, the system might not take the user to the appropriate App Store page to download an app which isn’t present on the system. (50877241)
Action and share extensions might exhibit visual anomalies. (51005363)
The productsRequest(_:didReceive:) method from StoreKit currently returns with didFailWithError and products aren’t loaded. (51028870)
All assets at 3x scale factor are currently ignored when compiling the asset catalog for iPad Apps on Mac. Because the search begins with the universal asset, assets for a specific memory or graphics class won’t be found. For example, if you provide an image and only give a 6GB and Metal 5v1 asset, it won’t be found at runtime. It’s recommended that you provide all images as vectors to allow generation of the correct scale factors, or at minimum provide 2x versions of the assets. If you’re classifying resources based on memory and graphics families then you should provide “Any Memory” and “Any Graphics”. (51033745)
CallKit CXAction instances might return an error. (51074735)
MTKView objects might render incorrectly. This will be resolved in an upcoming beta. (51084042)
If your iPad App on Mac is launched directly into the background, a second background launch request launches the app into the foreground, making it visible to the user. If your app uses any of the supported APIs which might result in a background launch, this might cause your app to launch in the foreground without user input. (51287556)
In macOS 10.15 beta, the UIGraphicsRenderer class’s default() function returns the nonextended color range renderer format by default. To use-extended color range format for rendering, create an instance using preferred() and pass it to init(bounds:format:). (51303954)
When creating a Mac version of your iPad app, Xcode automatically generates a unique Mac bundle identifier. If you have an existing Mac bundle identifier you’d prefer to use, you can do so by using manual signing in Xcode. (51076014)Follow these steps to configure your project, AppID, and provisioning profile:
In the Identifiers section, select your iOS app identifier to edit.
Check the UIKit for Mac capability to enable it, then click the Configure button.
Choose Use an existing macOS AppID and select the identifier you’d like to use from the popup menu. Click the Save button to finish editing your AppID.
In the Profiles section, click the + button to create a new profile, select ‘macOS App Development’, and click Continue.
Select your iOS AppID from the popup, click Continue, and complete the rest of the profile creation flow. When finished, click the Download button.
In Xcode, select your project to view the Project Editor and select your app’s target. Then select the Build Settings tab.
Set the Derive UIKit for Mac Product Bundle Identifier setting to No.
Expand the Product Bundle Identifier build setting to view its configurations. Next to the Debug configuration, click the + button to add a conditional value.
For the build setting condition, select Any macOS from the popup menu. Edit the value of the conditional build setting to match the macOS bundle identifier you want to use. Repeat this step for all configurations in your project.
In the Signing & Capabilities tab, uncheck Automatically manage signing.
For your macOS app, select Import Profile from the Provisioning Profile popup and then select the profile you downloaded earlier.
iPad Apps on Mac that use CloudKit receive push notifications properly. (51264475)
iPad Apps on Mac use the same default keychain access group as iPad apps. (50779224)
Ad-hoc app signing now allows access to the Keychain. Adding Keychain Sharing triggers mandatory signing using a profile, in turn allowing access to the Keychain. (50898387)
You can open the Services Preferences pane from the Services > Services Preferences menu item in the app menu. (49780697)
When the user quits an iPad App on Mac, the app transitions to UIKit background state and the app’s audio is stopped. AVAudioSession issues a begin interruption notification in response to the app transitioning to UIKit background state. Additionally, if an iPad App on Mac attempts to activate an AVAudioSession, start an AudioQueue, AURemoteIO, or other high-level player object while in UIKIt background state, audio input and output won’t be allowed to start and AVAudioSession won’t be allowed to activate while the app is in UIKIt background state. (51050672)
If you use UIDocumentBrowserViewController to create a new document, then cancel, the helper process presenting the document browser doesn’t quit unexpectedly. (50558637)
UILabel, UITextField, and UITextView instances with alignment set to center or right in Interface Builder have the proper alignment when designing for or running iPad Apps on Mac. (50062524)
A tooltip added to an NSToolbarItem is no longer presented as a blank window. (50957416)
You can now pass shared items from a Sharing extension back to the host through its completion handler. (50835062)
Resolved an issue where creating an NSToolbarItem with a UIBarButtonItem.SystemItem of type compose, reply, search, or camera made apps behave unexpectedly. (51253315)
Color asset variants are passed during runtime, so these colors now appear in your iPad App on Mac. (51113192)
Password AutoFill appears correctly in iPad Apps on Mac. (50992371)
SFSafariViewController opens the URL from initialization when presented, then dismisses itself. (51267323)
iWork
Known Issues
Attempting to open iWork documents in Finder will unexpectedly create a .cpgz file if the corresponding iWork app isn’t installed. (40693892)Workaround: Install the corresponding app from the App Store before opening the document.
Game Controllers
Resolved Issues
HID reports from DualShock 4 game controllers using Bluetooth are no longer reported differently by lower level frameworks, such as IOKit, in comparison to macOS Mojave 10.14. (51163262)
Localization
Known Issues
Certain languages might exhibit clipped or misaligned layout. (51068688,50983852)
Certain languages might display unlocalized text. (47765173,51196633)
Mail
Known Issues
If your Mac contains both macOS Mojave 10.14 and macOS 10.15 volumes, you might experience issues searching in Mail. (46611310)Workaround: While running macOS Mojave 10.14, open Terminal and execute the following command:sudo touch /.metadata_never_index_unless_rootfs
Reboot into macOS 10.15, open Terminal and execute the following command:sudo touch /System/Volumes/Data/.metadata_never_index_unless_rootfs
Reboot into macOS Mojave 10.14, open Terminal and execute the following command:sudo mdutil -E /
Depending on the size of your Mail database, it might many hours to reindex all content.
Music
Known Issues
You might be unable to log into the store unless you’re logging in from the country in which you’re currently located. (51105585)
Navigating using the back button might produce unexpected results. (51248128)
Music might take a long time to launch for some users. (51207753)
You might be unable to scroll content on shelves. (51248128)
Artwork changes might not immediately appear; playlists will be added in an upcoming beta. (51201715)
Music might not remember the previously selected tab when it’s relaunched. (50922604)
Resolved Issues
Connecting to another computer using Home Sharing shows the remote library as expected. (50921136)
Attempting to delete movies, TV shows, and music videos from Manage Storage settings works as expected. (51001458)
The visualizer appears as expected. (49952376)
Networking
New Features
All NSURLSessionTasks with a GET HTTP method which contain a body will now produce the error NSURLErrorDataLengthExceedsMaximum. (46025234)
Known Issues
An active Network Extension content filter configuration might interrupt the boot process indefinitely following a kernel panic. (50965627)Workaround: Boot into macOS Recovery, launch Terminal, and execute the following command:rm /Library/Preferences/com.apple.networkextension.necp.plist
NetBoot is unavailable when a Network Extension content filter configuration is enabled. (50872052)
The NWEthernetChannel API doesn’t currently support VLAN interfaces. NEPacketTunnelProvider will see both tagged and untagged frames arriving on physical interfaces. Depending on the Ethernet driver, VLAN tags might be processed by hardware and thus stripped off the Ethernet frames thus NEPacketTunnelProvider won’t see the VLAN tag. (51275655)
Resolved Issues
The driver for Ethernet Control Model (ECM) USB-C to Ethernet adapters is now enabled in Virtual Machine instances of macOS 10.15. (50968842)
Enabling a Network Extension content filter using NEFilterManager starts the content filter. (50603957)
The DNS Proxy, Packet Tunnel, and App Proxy network extension types work as System Extensions. (51186839)
Installing a content filter configuration when the corresponding content filter system extension is inactive doesn’t interrupt all network traffic on your Mac. (51033902)
Deprecations
Support for FTP and File URL schemes for Proxy Automatic Configuration (PAC) is removed. HTTP and HTTPS are the only supported URL schemes for PAC. This affects all PAC configurations including but not limited to configurations set using Settings, System Preferences, profiles, URLSession APIs such as connectionProxyDictionary, and CFNetworkExecuteProxyAutoConfigurationURL(_:_:_:_:). (28578280)
SPDY support is removed from the URLSession and NSURLConnection APIs. Servers should use HTTP 2 or HTTP 1.1. (43391641)
The Network Kernel Extension API is now deprecated. (49284108)
NetBIOS is disabled in macOS 10.15 to speed up mounting, browsing, and connecting to SMB shares. Some older printers and file servers may require NetBIOS to connect. (51119111)To enable NetBIOS, you can create or edit the /etc/nsmb.conf file. If your system doesn’t already have an /etc/nsmb.conf file, use the following Terminal commands while logged in as an Administrator:echo "[default]" | sudo tee -a /etc/nsmb.conf
echo "port445=both" | sudo tee -a /etc/nsmb.conf
To disable NetBIOS, you can safely delete the /etc/nsmb.conf file.
Photos
New Features
To improve the Photos upgrade experience, Photos is testing database upgrades using a clone of the Photo Library. This clone doesn’t include the content of each photo, but does include faces metadata and a thumbnail image of each person in your library. It also contains metadata such as the asset name and the geographic location of the photo. It is created at ~/Pictures/macOS 10.15 Pre-Upgrade Backup, and you can manually remove this backup at any time. The clone will be removed automatically before the final release of macOS 10.15. (51033690)
Podcasts
Known Issues
The sidebar might render unexpectedly until quitting and relaunching the app. (51340728)
Browse and Top Charts might not display content from the expected country. (51681853)
Deleting podcasts using About This Mac > Storage > Manage doesn’t update what’s shown in the Podcasts app until it’s relaunched. (50354510)
Setting “Automatically Download Episodes” to “Never” might not take effect. (50960777)
Writing a review isn’t currently supported. (46173722)
Manually checking for feed updates when Option-clicking the Podcasts app in the dock isn’t currently available. (50958585)Workaround: Quit and relaunch the app.
Certain UI elements might appear unaligned on non-Retina displays. (51138730)
The first time Podcasts is launched, a migration is triggered even if there is no content to migrate. (51145044)
If Podcasts is placed in Full Screen mode, some UI elements might be obscured by the toolbar. (47125303)
Resolved Issues
User interface elements are no longer obscured by the toolbar if you place Podcasts in Full Screen mode. (47125303)
Quartz Composer
Deprecations
Starting in macOS 10.15, the Quartz Composer framework is deprecated and remains present for compatibility purposes. Transition to frameworks such as Core Image, SceneKit, or Metal. (50911608)
Screen Sharing
Known Issues
If the Mac you’re screen sharing with is running macOS 10.15 beta, you can’t drag and drop onto the screen share. (50791710)
Screen Time
Known Issues
Users can click ‘One more minute’ multiple times per day instead of only once each time they reach a limit for that app. (48773803)
Screen Time > Content & Privacy > Content > Web Content > Allowed Websites Only isn’t currently enforced in macOS 10.15 beta. (50462899)
Resolved Issues
Parental controls that predate macOS 10.15 aren’t enforced when these restrictions are set to Off in Screen Time. (48010796)
When in Downtime or after reaching an App Limit, clicking Ignore Limit no longer requires clicking in the precise location for the options to appear. (50061983)
Messages and FaceTime enforce Screen Time’s Communication Limits. (51055350, 51055448)
You can now consistently select apps in the Always Allowed pane. (51120837)
Script Editor
Resolved Issues
Script Editor doesn’t quit unexpectedly when saving or executing scripts. (50470730)
Scripting Language Runtimes
Deprecations
Scripting language runtimes such as Python, Ruby, and Perl are included in macOS for compatibility with legacy software. Future versions of macOS won’t include scripting language runtimes by default, and might require you to install additional packages. If your software depends on scripting languages, it’s recommended that you bundle the runtime within the app. (49764202)
Use of Python 2.7 isn’t recommended as this version is included in macOS for compatibility with legacy software. Future versions of macOS won’t include Python 2.7. Instead, it’s recommended that you run python3 from within Terminal. (51097165)
Siri now supports the Music and Podcasts apps. (47202947, 50790506)
Spotlight
Known Issues
Mail messages might not display previews. (35678035)
SwiftUI
Known Issues
Return types for View modifier methods include complex generic types. In a future release, these methods will return simpler types. (46140669)
The tabItemLabel(_:) modifier doesn’t accept @ViewBuilder closures.Workaround: Wrap the views you pass to the modifier in a VStack:MyView()
.tabItemLabel(VStack {
Image("resourceName")
Text("Item")
})
Image instances don’t use resizing information configured in asset catalogs. Configure the size of an image using the resizable(capInsets:resizingMode:) modifier instead. (49114577)
A ScrollView doesn’t always size itself as expected for its content. (49204262)Workaround: Size the view that’s inside the ScrollView by applying the frame(width:height:alignment:) modifier to the inner view. (49204262)
Resolved Issues
Tabs in TabbedView instances appear as expected when you use them with a NavigationView. (49958869)
The possible values that you can select from a Picker can now be accessed from UI automation. (50679414)
SystemExtensions
Known Issues
Upgrading system extension versions isn’t currently available. The extension can be deleted, then reinstalled which requires user reapproval. (48943883)
Approving system extensions using Mobile Device Management isn’t currently available. (50553712)
Resolved Issues
Driver extensions launch on-demand after installation. (51229724)
Voice Memos
Known Issues
Voice Memos synced from iCloud might not finish downloading. (49512619)
The File menu might be unexpectedly empty. (51475831)
Location-based naming isn’t yet available in macOS 10.15 beta. (48048663, 50743045)
Wi-Fi
Resolved Issues
Your Mac can automatically join WPA3 networks. (50605428)
The Wi-Fi menu no longer lists available Wi-Fi networks after you turn Wi-Fi off using the menu bar. (50643127)
Xcode
Known Issues
Swift interfaces for several new URLSession APIs are unavailable. (50517967)
Deprecations
Command line tool support for Subversion — including svn, git-svn, and related commands — is no longer provided by Xcode. If you need Subversion or related command line tools, install the Command Line Tools package by running xcode-select --install. (50266910)
