Security Updates 2020-001 for Catalina & 2020-007 Mojave
Security Updates 2020-001 for macOS Catalina (19H114) & 2020-007 Mojave (18G7016) & Safari 14.0.2 are now Available.
Apple has released Security Updates 2020-001 (Catalina) and 2020-007 (Mojave). MacOS High Sierra is now officially unsupported by Apple. The 2020-006 Security Update was High Sierra’s final update. Mojave has taken its place as the 3rd supported version of macOS behind Catalina.
Since this security update is Catalina’s first it was named 2020-001. Mojave has had 7 Security Updates so the version is 2020-007. Next year they will both be named 2021-001.
Mr.Macintosh 2020-001, 2020-007 & Safari 14.0.2 Security Update video
Mojave however still does! The 2020-007 security update creates a snapshot and does NOT purge previous snapshots.
I really wish Apple could get this feature working again.
The Safari 14.0.1 upload issue is not fixed in 14.0.2.
A simple example of this is using Gmail in Safari. If you update to Safari 14.0.1 or 14.0.2 you will be unable to attach anything to an email The only work around right now is to use Chrome or Firefox.
New workaround = drag and drop the file into the window.
Install Process Fixed!
With the release of 2020-006, Apple has changed things up. In the past you could have the base version of Mojave, 18G103 for example and the latest security update would show as available and you could update right to it. With 2020-006 you will need to be on 2020-005 first before you can update to 2020-006! This is a huge pain if you have systems that are behind in build versions.
Example.
If you have a fresh build of macOS Mojave 10.14.6 (18G103) and you want to get to 2020-006.
1. Install Security Update 2020-005 first.
2. After installing 2020-005, you will now see 2020-006 available for instal in software update.
With the release of the new 2020-001 and 2020-007 Security Updates, Apple now lets you jump straight to the latest update.
Updated Fixed Example
If you have a fresh build of macOS Mojave 10.14.6 (18G103) and you want to get to 2020-007.
Install 2020-007 = Done
Testing the Security Update Install Process
After all the problems of the 2020-005 Security Update for Mojave caused, I wanted to again make sure everything was ok with 2020-001 & 2020-007. I’ve installed both the 2020-007 and Safari 14.0.2 updates and have not found any issues. You can safely install both of them together.
Click “Continue Reading” to read the rest of the article.
macOS Catalina 10.15.7 Supplemental Update is now Available.
UPDATE 11/11/20:Apple has just released a full installer for macOS Catalina 10.15.7 that includes the Supplemental Update Security Fixes! No word of an updated combo update or a downloadable pkg yet. I will update if they become available!
Today Apple released the 6th Supplemental Update for macOS Catalina. With the release of 10.15.7, we thought Apple would continue with an easy way to identify updates. The 10.15.7 Supplemental update seemed to dash those hopes. The update does not even list any fixes in it. The only wording is
“macOS Catalina 10.15.7 Supplemental Update is recommended for all users and improves the security of macOS”
This tells us that the update only has security related fixes in it!
In the security link, Apple calls out 3 security vulnerabilities. I will go over them below.
Mr. Macintosh Catalina 10.15.7 Supplemental Update Video
The macOS Catalina 10.15.7 Update includes the following Security fixes.
macOS Catalina 10.15.7 Supplemental Update provides important security updates for your Mac.
This update is an important update due to this quote from Apple
A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
Apple
The Supplemental Update patches the following
FontParser arbitrary code execution = Found in the wild!!!
Two Kernel Exploits = Both found in the wild!!!
All three vulnerabilities have been reported to Apple from the Google Project Zero Team.
Treat this Supplemental Update as a High Priority!
Confusing Update Situation
We have a couple update scenarios that we need to discuss. Normally Apple releases new Delta and Combo Updates. This time we only have a delta update for 10.15.6 users. If you have anyone on 10.15.0-10.15.5 they will be offered the OLD 10.15.7 (19H2) Update. They will have to install the 10.15.7 Supplemental Update after!
10.15.7 users = NEW 10.15.7 Supplemental Update
10.15.6 users = NEW 10.15.7 Delta Update
10.15.0-10.15.5users = OLD 10.15.7 Combo Update – Will need to install the 10.15.7 Supplemental Update after.
10.15.7 Full Installer = Remains OLD 10.15.7 (19H2) version and will need to install the 10.15.7 Supplemental Update after.
Hat Tip to my fellow Software Update Investigator Eric Holtam! Follow him on Twitter @eholtam
Apple’s Public Patch Notes / Release Notes Documentation
NOTE: Apple Documentation takes a little while to show up online after release. I will update when the new articles are made available.
The following security fixes are included in Catalina 10.15.7.
Released November 5, 2020
FontParser
Available for: macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild.
Description: A memory corruption issue was addressed with improved input validation.
CVE-2020-27930: Google Project Zero
Kernel
Available for: macOS Catalina 10.15.7
Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
Description: A type confusion issue was addressed with improved state handling.
CVE-2020-27932: Google Project Zero
Kernel
Available for: macOS Catalina 10.15.7
Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild.
Description: A memory initialization issue was addressed.
Apple has just released the macOS Mojave 10.14.6 “Supplemental Update” which is a fixed version of Safari 14.0
The macOS Mojave 10.14.6 Supplemental Update is Live! It includes a fixed version of Safari 14.0. The update also address the problems of the previous release. Security Update 2020-005 was also re-released.
Apple has just released a Mojave Supplemental Update that address all the problems that the previous Safari 14.0 and 2020-005 Security Updates! This news comes one day after Apple pulled both software updates from the software update catalog.
You can find a full summary of the issue in the link below.
UPDATE 10/08 11:30PM – Safari 14.0.1 Seed 2 was just released today. Mr. Macintosh reader Joe wrote in to let me know that after he installed Seed 2 over Seed 1 all of his problems went away! This will be a perfect fix for anyone who installed Safari 14.0.1 Seed 1 and were still having problems (since the Supplemental Update was not compatible with 14.0.1).
UPDATE 10/03 3:00PM– I’ve added a direct download link to the safari 14.0 package from the software update service in section 16 below. Apple has also added back the Mojave 2020-005 Security Update back to Apple.com downloads. The security update link is also in section 16 below.
UPDATE: 10/02 3:00PM – NOTE: Apple still has an old link to the Supplemental Update from 9/26/19 up on the the Apple downloads site. This is NOT the update you need. Apple has not released a stand alone download for this update yet. The update is only available from software update.
UPDATE: 20/02 10:30AM – I’ve added section 5 to make sure you know that the Supplemental Update will install Safar 14.0. This is important to understand in case you needed to remain on Safari 12 or 13. Some users are asking me what they should so if they installed Safari 14.0.1 Beta. I’m looking into that now.
You can also check out my new update deep dive video below.
https://youtube.com/watch?v=VmefkXN-4nY
Mojave Supplemental Update (Safari 14) Mr. Macintosh Video
Table of Contents
1. Name of the Update?
2. Details of the macOS Mojave Supplemental Update
3. I’ve tested this update and confirmed that it fixes most issues!
5. The Supplemental update will install Safari 14.0!
6. Inside the macOS 10.14.6 Supplemental Update
7. Which update does your Mac need?
8. Did you ONLY install – Safari 14.0?
9. Did you ONLY install – 2020-005 Security Update?
10. Did you install BOTH Safari 14.0 & Security Update 2020-005?
11. Did you not install either of the updates?
12. Not seeing the 2020-005 Security Update?
13. I ran softwareupdate --ignore "Security Update xx" now what?
14. Did you install Safari Beta 14.0.1 ?
15. Did I cover all the situations that you could be in?
16. 10.14.6 Supplemental Update Links
17. Security Content of macOS 10.14.6 Supplemental Update
18. Final Thoughts
19. Thank You
1. Name of the Update?
Apple calls this update “macOS 10.14.6 Supplemental Update” Which is a bit confusing. In this particular case, the naming might make sense. Even though the update only includes a fixed Safari pkg, it also includes fixes that repair previous install OS level issues.
softwareupdate -l shows the name. It’s technically called Safari14.0MojaveAuto-10.14.6
NOTE!!! The update also includes a required restart. (Normal Safari Updates do not require a restart.)
2. Details of the macOS Mojave Supplemental Update
Along with the new Supplemental Safari Update, the Mojave 2020-005 Security update was re-released back into the software update catalog.
5. The Supplemental update will install Safari 14.0!
I need to make this clear, If you do not want Safari 14.0 don’t install the new macOS Supplemental update! I’ve heard from a few users who need to remain on the old version. Only update when you are ready to make the jump to Safari 14.0
6. Inside the macOS 10.14.6 Supplemental Update
So if this is not a normal supplemental update, what is it?
This is what’s inside of the macOS 10.14.6 Supplemental Update (FIxed Safari 14.0)
As you can see, this update only has the fixed version of Safari 14.0 inside! NOTE: this update has a REQUIRED RESTART!
What does a normal supplemental update look like?
This is what’s included in a full Supplemental Update. This is the 10.14.6 Supplemental Update #2
As you can see a normal “Supplemental Update” includes a bunch of stuff. I just wanted to clear up any confusion that you might have. (I was confused when I first saw the update.)
7. Which update does your Mac need?
We have multiple scenarios to work with here. I have used a test Mac to go over the many situations that a user might be in so you are not left wondering what to do!
1. Did you install ONLY install – Safari 14.0?
2. Did you install ONLY install – 2020-005 Security Update?
3. Did you install BOTH Safari 14.0 & Security Update 2020-005?
4. Did you not install either of the updates?
Below is a screenshot of what About This Mac > System Report > Installations will look like.
System Report – This is what it would look like after installing both problematic updates then installing both fixed updates.
8. Did you only install – Safari 14.0?
Let’s say that you installed Safari 14.0 a few days ago but heard the news about all the problems that the 2020-005 security update was causing.
Your Safari Version is = 14.0 (14610.1.28.1.9)
You will see the following in Software update.
This is what you will see if you only installed the old version of Safari 14.0
The following will happen in this scenario.
Fixed version of Safari Supplemental Update + fixes update will be installed
The Re-Released version of Mojave 2020-005 Security Update will install
Reboot
You are now fully up to date with no issues!
Mojave will be on the same Build Version 10.14.6 (18G6032)
Safari version is UPDATED – 14.0 (14610.1.28.1.10)
You are good to go!
9. Did you only install – 2020-005 Security Update?
Let’s say you need flash and you didn’t want to install Safari 14.0. But you did see the Security Update 2020-005 and installed it. In this situation, you would still be fine (maybe) even if you installed the old version of Safari 14.0. The problem would only happen if you installed Safari 14.0 first then the 2020-005 update.
What would you see in software update?
You only need to install the Supplemental Update (Safari 14.0 Fixed) and will be good to go!
In this case you would only see the fixed Safari 14.0 Supplemental Update.
Once installed you are good to go!
10. Did you install BOTH Safari 14.0 & Security Update 2020-005?
Let’s say that you had automatic updates set and you got both updates. Your system is in a broken state.
What would you see in software update?
What you would see in SU if you previously installed both problematic updates.
The following will happen in this scenario.
Fixed version of Safari Supplemental Update + fixes update will be installed
Reboot
You are now fully up to date with no issues!
Mojave will be on the same Build Version 10.14.6 (18G6032)
Safari version is UPDATED – 14.0 (14610.1.28.1.10)
You should be fixed!!!
11. Did you not install either of the updates?
Let’s say that you heard of the news of the problematic updates and were able to save your Mac.
What would you see in software update?
This is what you would see on a mac with 10.14.6 (18G6020) and Below.
You would see both updates
The following will happen in this scenario.
Fixed version of Safari Supplemental Update + fixes update will be installed
The Re-Released version of Mojave 2020-005 Security Update will install
Reboot
You are now fully up to date with no issues!
Mojave will be Build Version 10.14.6 (18G6032)
Safari version now – 14.0 (14610.1.28.1.10)
You are good to go!
12. Not seeing the 2020-005 Security Update?
You might have either installed the update or ignored it by running
If you would like to install the re-released version of the 2020-005 Security Update, all you need to do is run this command.
sudo softwareupdate --reset-ignored
The security update will now show up in software update for you to install.
14. Did you install Safari Beta 14.0.1 ?
I am testing this situation out now.
Yikes, looks like the Supplemental Update does not show up if you have installed Safari Beta 14.0.1. The installer will let you install the Supplemental Update over the top of the 14.0.1 Beta, but does not actually install.
15. Did I cover all the situations that you could be in?
Did you have an install scenario that I missed. I attempted to cover and test them all. Let me know!
16. 10.14.6 Supplemental Update Links
Apple has not released a standalone installer or pkg for the supplemental Update. I’ve included direct links from the Software Update Service below. Apple has added the Mojave 2020-005 Security Update back to the Apple.com downloads page.
It was really cool to see this little blog mentioned. 🙂
With that said, I think Apple handled this pretty good. They might have taken a bit to pull the update, but they came out with a fix only one day later!
Hopefully we can get a closer eye on update quality moving forward.
19. Thank You
I wanted to thank all of my Mr. Macintosh readers, Twitter followers, YouTube Subscribers and those who emailed me. You have shared so many of your thank-you notes, comments, tips and fix stories. I really appreciated reading them all, I created this blog for you! I am finally at a point in my life where I can take all of the knowledge that I’ve learned along the way and share it with you.
macOS Catalina 10.15.6 Supplemental Update is now Available.
Today Apple released the 5th Supplemental Update for macOS Catalina. This time around, the fix is for memory leaks with virtualization software . You can read more about the issue from Howard Oakley and a VMware engineer. The other fix has to do with the brand new 2020 5k 27-inch iMac.
Build Version Number Mistake?
The Build version for this update is (19G2021). Normally a 4 digit end number on a macOS build version number means that it’s a “Forked” installer. A “Forked” installer means that it will ONLY install on brand new hardware from Apple. A perfect example of this is when Apple released the new 2020 iMac. It includes brand new hardware drivers that the previous builds of macOS didn’t include. To resolve this, Apple will release a full installer that has this new hardware included but will only install the new hardware. When a new dot release comes out, Apple will unify the installer so it can be install on any Mac including the new hardware. Tidbits has a great article that explains Apple build versions. The only problem is, the article does mention macOS hardware specific or forked build versions.
Below is a list of all the forked hardware specific installer build versions that Apple released for 10.15.
Why did Apple give this unified installer a forked build version number (19G2021) ?
UPDATE: – Erik Gomez @Contains_ENG mentioned that 4 digit daily builds are common near the end of an OS release. Looking back at 10.13 and 10.14, this is true only when Apple starts to release 2020-001 type security updates. For example when Big Sur is released, Apple will stop working on bug fixes for Catalina and will only send out security updates. After the switch the build version usually makes the jump to 4 digits. I guess Apple decided to get a head start this year.
Unified 10.15.6 Full Installer
The good news about this update is that includes the 2 new BoardIDs for the 2020 iMacs. This means you do not have to keep a separate installer if you have any of the new iMacs in your fleet. The new installer (19G2021) will work on them.
The Catalina 10.15.6 Supplemental Update Includes the following fixes.
macOS Catalina 10.15.6 supplemental update includes big fixes for your Mac
Fixes a stability issue that could occur when running virtualization apps
Resolves an issue where an iMac (Retina 5k, 27-inch 2020) may appear washed out when waking from sleep.
Apple’s Public Patch Notes / Release Notes Documentation
NOTE: Apple Documentation takes a little while to show up online after release. I will update when the new articles are made available.
T2 BridgeOS was updated along with the 10.15.6 Supplemental Update.
Size = 417.7 MB
Product ID = 001-36736
BridgeOS Update Version = 17.16.16610
Previous BridgeOS Update Version = 17.16.16065
If I deployed/cached the old 10.15.6 Installer.app for OS Upgrades, do I need to redeploy?
Do I have to replace my deployable 10.15 Installer.app?– Yes
If you deployed the old version of the 10.15.6 (19G73) Installer, you should update it to the new (19G2021). If you don’t your users will have to install the New Catalina Supplemental Update after installing or upgrading.
Security Content of macOS Catalina 10.15.6 Supplemental Update.
The Supplemental Update does not list any public CVE entries.
New Supplemental Update released ONLY for the new AMD Radeon Pro 5600M 16″ MacBook Pro.
Apple has a released a new Supplemental Update for macOS Catalina 10.15.5 (19F2200). This update is ONLY for the new AMD Radeon Pro 5600M equipped 16″ MacBook Pro.
In a surprise one week before WWDC, Apple has released a new version of the 16″ MacBook Pro. The new option is a new AMD Radeon Pro 5600M graphics card with 8GB of HBM2 memory. The new A new Supplemental Update build of macOS Catalina 10.15.5 was also released today. This update is only for the new 5600M equipped 16″ MacBook Pro that was released today. The New Supplemental update patch notes say “macOS Catalina 10.15.5 Supplemental Update provides important security updates and is recommended for all users“. This says “All Users” even though it’s only for the new model. The Supplemental Update is now also available for download as a pkg update and updated full installer.app.
New (16-inch, AMD Radeon Pro 5600M)
The new Machine model name = (16-inch, AMD Radeon Pro 5600M). The shipping BuildVersion of this new model is macOS Catalina 10.15.5 (19F2096). The new supplemental update will show up in softwareupdate for the new AMD 5600M 16″ MacBook Pro only. After the Supplemental Update is installed the BuildVersion will be (19F2200).
New BoardID
I keep an index of all Mac BoardID’s on this page.
Apple has a released a new Supplemental Update for macOS Catalina 10.15.5. The update patches CVE-2020-9859, a Kernel Exploit from uncOver.
The original version of Catalina 10.15.5 was only released 6 days ago on May 26th. The New Supplemental update patch notes remain unchanged. The update patches CVE-2020-9859, a Kernel Exploit. “An application may be able to execute arbitrary code with kernel privilege“. The Supplemental Update is now available for download as a full installer.app, delta and combo update.
10.15.5 Supplemental Update Patch Notes Summary
Announcements
New Features
Resolved Issues
Enterprise Fixes
1 Security Fixes
Apple’s Public Patch Notes / Release Notes Documentation
NOTE: Apple Documentation takes a little while to show up online after release. I will update when the new articles are made available.
UPDATE: 7/01/20 – I just tested on 10.15.6 Beta 3 and the issue is fixed!!!
UPDATE: 5/29/20 – This issue is still definitely a problem with 10.15.5. I have multiple in house confirmations along with a bunch of reader reports.
UPDATE: 5/26/20 – I have now received 3 different reports of this same issue happening after installing the new macOS Catalina 10.15.5 Update. This issue does NOT happen on every Mac. The problem still seems to be intermittent. Please let Apple know that we need this fixed!!!
I would like to get back into writing more How-To articles. The thing is, reporting on issues like this help more people. I would love it if I could get a heads up on an issue that could cause problems in my environment. That’s the idea behind articles like this and my macOS System Status page.
Case in point is this article. Do you use the ComputerName, HostName or LocalHostName value for one of the following functions?
MDM Computer Scope
802.1x Authentication
Active Directory
VPN
If you depend on the ComputerName or HostName for any of these services, it could wreak havoc for the user!
Let’s jump right in, I will give you you an overview of this issue.
Table of Contents
1. Affected macOS Build Version
2. Affected Mac Hardware
3. User Reports
4. Problem
5. The future of managing macOS Updates.
6. Should I block the 10.15.4 Supplemental Update?
7. Does Apple Know about this issue?
8. Links
1. Affected Mac Models
Unlike other issues, this one covers all Macs that are compatible with macOS Catalina that are on 10.15.4 (19E266).
2. Affected OS Versions
This issue affects only one macOS update.
macOS Catalina 10.15.4 Supplemental Update (19E287) Released 4/8/20
NOTE: This issue does not happen with the updated 10.15.4 Combo & Delta updates.
3. User Reports
One of the very first reports was in a MacAdmins Channel. Let’s take a look at some of the reports.
Is anyone else having issues with macOS Catalina 10.15.4 Supplemental Update deleting log files form /var/log and changing the computer name to just the Mac model (eg iMac)
On a test Mac, I experienced this, and I filed feedback. Please file feedback, so they have an idea how widespread (or not) it is, and to help them solve it.
This one is pretty cut and dry. If you set the ComputerName to a specific value, let’s say the SerialNumber, it will be reset back to factory default. In the case of a MacBook Pro the ComputerName would now be MacBook Pro.
ExampleTest
Fresh 2014 MacBook Pro erase & install with 10.15.4 (19E266). I then set the ComputerName and HostName to something different (Serial Number).
I used softwareupdate -iaR to install the 10.15.4 Supplemental Update.
Once the Mac Came back up, sure enough the ComputerName was MacBook Pro.
Most home users will never have to mess with this value. If you would like to check, open System Preferences > Sharing.
The Mac Computer Name in the Sharing Preference Pane.
MacAdmins will set this value with one of the following ways.
6. Should I block the 10.15.4 Supplemental Update?
Maybe
The supplemental update does not include any Security Related fixes. Take a look at the fix list below.
Fixes an issue where Mac computers running macOS Catalina 10.15.4 could not participate in FaceTime calls with devices running iOS 9.3.6 and earlier or OS X El Capitan 10.11.6 and earlier
Resolves an issue where you may repeatedly receive a password prompt for an Office 365 account
Fixes an issue where MacBook Air (Retina, 13-inch, 2020) may hang in Setup Assistant or when disconnecting and reconnecting a 4K or 5K external display
Resolves an issue where a USB-C port in your Mac may become unresponsive
If you need any of the above fixes, then I would say that you might need deploy it. You could also wait for a 10.15.4 Supplemental Update #2 or 10.15.5.
Deploy the update ONLY if you have a way to reset the ComputerName & HostName before the user can use the system!
You would need to deploy a LaunchDaemon that would execute a script to rename both values on load.
7. Does Apple Know about this issue?
Going by this post by Don, it’s not looking good as of last week.
Apple confirmed the /private/var/log/ issue (101063983106) but have not been able to replicate the ComputerName/HostName issue. They advised if anyone is able to replicate, open a ticket so they can look into it.
This problem can happen to a very small number of T2 Macs after installing the 10.15.4 Supplemental Update.
Did you Install the 10.15.4 Supplemental Update on your T2 Mac, only to find that it will not power up after the Install?
When reporting on issues, I always try to quantify the issue in terms of how many users could be affected. In this particular case, the numbers are very low. This article is to help you rescue your Mac. The issue only affects T2 Macs that have installed the 10.15.4 Supplemental Update. The amount of users reporting this is very small, but the problem can be devastating if the user does not understand what happened or how to fix it.
This issue is similar to the 2019-001 Security Update last November that cause Data loss. The Reports are very close as it was first thought that the problem was the users fault for shutting down the Mac during the BridgeOS update.
What actually happened was, the BridgeOS Update Failed and destroyed the encryption keys.
6. Why write about something that affects such a small number of Macs?
7. Wait a few days before installing updates.
8. Should I block the 10.15.4 Supplemental Update?
9. Does Apple Know about this issue and are they working on a fix?
10. Links
11. Credit & Hat Tips
1. Affected Mac Models
This issue covers almost every single T2 Mac Model. I have not seen any reports of this happening to the iMac Pro 2017 or the Mac Pro 2019.
1. MacBook Pro 16′ 2019
2. MacBook Pro 13″ & 15″ 2018-2019
3. MacBook Air 2018-2020
4. Mac Mini 2018
2. Affected OS Versions
This issue affects only one macOS update.
macOS Catalina 10.15.4 Supplemental Update (19E287) Released 4/8/20
3. Problem: 10.15.4 Supplemental Update Bricked
One of the very first reports was in a MacAdmins Channel. The report said that the user called the helpdesk saying the update hung. Now the Mac does not power on.
Another report from a user with a 2018 13″ MacBook Pro
I attempted to install the update but about halfway through my computer shutdown and it bricked my 2018 13 inch MacBook. No power, no fans coming on and off or anything when pressing and holding the power button.
Another Report from a 16″ Macbook Pro 2019 User.
Confirmed; this is what happened to my 16″ after this install. I needed to do a DFU restore (using Apple Configurator 2 — you can download it to your hopefully spare MacBook from the app store) to get my mac back up and running. Unfortunately, for some reason, after the DFU restore, my 16″ came back up to do a full reinstall, and I had to restore my files from backup.
One More report form a 13″ MacBook Pro User
Anyone else do the recent 10.15.4 update and have their machine completely bricked? Mine will not turn on…not after resetting the SMB…not at all. Apple’s update appears to have completely killed my macbook. It’s now completely unresponsive.
Macbook Air 2018 User
Thursday evening my wife’s Air still showed the update in System Prefs and clicked to install it. She said the dialog box said it was normal for the screen to go black, but it didn’t say it’d never come back!!! Her less than 18 month old Air is now officially bricked. Unresponsive to all attempts to remind it of its mission on earth. A stellar machine until that fateful click.
4. Problem Description
Apple’s T2 Security chip runs software called BridgeOS. That software is updated each time you install a Catalina Update or Security Update. The T2 controls many aspects of your Mac.
The Apple T2 Security Chip is Apple’s second-generation, custom silicon for Mac. By redesigning and integrating several controllers found in other Mac computers—such as the System Management Controller, image signal processor, audio controller, and SSD controller—the T2 chip delivers new capabilities to your Mac
After reading through a bunch of reports the problem seems happen during the BridgeOS Update phase. Most users say that all they saw was a black screen and the Mac was unresponsive. From the users who contacted me over email, after the update failed the Mac was already be in DFU mode. A few users stated that as soon as they connected the dead Mac to a host mac with Apple Configuartor 2 running, it immediately showed up in RECOVERY Mode.
5. Can the dead Mac be brought back to life? YES!
In almost every case, a DFU Mode BridgeOS Reinstall brought these dead Macs back to life!
I wrote a detailed article on how to perform the restore below.
I knew something was up on April 10th two days after the supplemental update was released. I noticed a spike in traffic to my BridgeOS Restore article. Emails and comments started to roll in. They all mentioned that they found the article after the 10.15.4 Supplemental Update bricked their Mac.
6. Why write about something that affects such a small number of Macs?
Like I mentioned at the top of this article, I usually will only report on issues that affect a large number of Mac Users. The idea is that small fluke type issues happen all the time. Usually the user can just reinstall macOS and be up and running.
This case was different. I decided to write this article after reading some of the stories.
Haven’t talked with Apple’s help team since 2004—today we spent 2 hours on the phone—we tried every method to get my bricked 2018 15” MacBook Pro to boot. Hopefully this issue is a small epidemic and not a pandemic; the MBP became unresponsive today while updating to 10.15.4. The last thing I saw before the MBP went quiet and the screen went black was, “about 14 minutes remaining”. Apple Help quoted $815 to ship it to them for a diagnostic and repair. I explained it was working perfectly well before the update—CSR elevated it to a senior who is starting with a new charger and cable.
Here is another direct quote from a 2018 Mac Mini User that I found tonight.
Any one else experienced this problem? Mac mini late 2018. Update went through, restarted Mac and now bricked. Will not turn on at all. Took it to Apple store and they say main board needs replacing at cost of 400usd.
I hope this article finds you mattoneill2! ^
If this article can save just a few Mac Users from having to spend $$$ for a repair, then it was definitely worth it.
7. Wait a few days before installing updates.
A good tip for you is to just wait a few days for the dust to settle before installing updates.
This is not the first time Apple has pulled an update. They pulled High Sierra and Sierra 2019-002 Security Update this past March. It’s a good idea to wait at least a few days before you update.
8. Should I block the 10.15.4 Supplemental Update?
Maybe
The only reason I say maybe, is that the supplemental update does not include any Security Related fixes. Take a look at the list below.
Fixes an issue where Mac computers running macOS Catalina 10.15.4 could not participate in FaceTime calls with devices running iOS 9.3.6 and earlier or OS X El Capitan 10.11.6 and earlier
Resolves an issue where you may repeatedly receive a password prompt for an Office 365 account
Fixes an issue where MacBook Air (Retina, 13-inch, 2020) may hang in Setup Assistant or when disconnecting and reconnecting a 4K or 5K external display
Resolves an issue where a USB-C port in your Mac may become unresponsive
If you need any of the above fixes, then I would say deploy it. The risk is really low.
9. Does Apple Know about this issue? Are they working on a fix?
Unlike the GPU freezing issue or the Wake from Sleep issue, I do not have any information.
UPDATE 04/10/20:I have noticed increased traffic to my Mac BridgeOS DFU Restore Article. I looked around a bit found a small number of reports that the 10.15.4 Supplemental Update is Bricking T2 Macs.To the user the Mac seems dead. I had 3 different reports sent to me and found 3otherreportposts. The good news is, a BridgeOS restore was able to bring some of the Macs back to life.
In a surprise today, Apple released a new Supplemental update for macOS Catalina 10.15.4. This update weighs in at 1.01gb and is available now for all 10.15.4 Catalina users. This update looks to fix 4 different issues. Apple also updated BridgeOS and re released a new installer.app, combo update and delta update.
The Catalina 10.15.4 Supplemental Update Includes the following fixes.
macOS Catalina 10.15.4 supplemental update improves the stability and security of your Mac.
Fixes an issue where Mac computers running macOS Catalina 10.15.4 could not participate in FaceTime calls with devices running iOS 9.3.6 and earlier or OS X El Capitan 10.11.6 and earlier
Resolves an issue where you may repeatedly receive a password prompt for an Office 365 account
Fixes an issue where MacBook Air (Retina, 13-inch, 2020) may hang in Setup Assistant or when disconnecting and reconnecting a 4K or 5K external display
Resolves an issue where a USB-C port in your Mac may become unresponsive
BridgeOS update
The T2 BridgeOS was updated in this macOS Catalina Supplemental Update.
T2 BridgeOS Version = 17.16.14281
Current and Previous Build Versions of 10.15
10.15.4 = (19E287) April 8th, 2020 = Current Release
If I deployed/cached the old 10.15.4 Installer.app for OS Upgrades, do I need to redeploy?
Do I have to replace my deployable 10.15 Installer.app?– Yes
If you deployed the old version of the 10.15.4 (19E266) Installer, you should update it to the new (19E287). If you don’t your users will have to install the New Catalina Supplemental Update after installing or upgrading.
Security Content
The Supplemental Update does not list any Published CVE entries.
macOS Catalina 10.15 Supplemental Update Re-Released as (19A603)
Apple Re-Released macOS Catalina 10.15 Supplemental Update (19A603)
In another surprise today Apple re-released the Supplemental update for macOS Catalina 10.15. Many MacAdmins are scratching their heads wondering what this update is. Let’s get right into it.
10.15.0 (19A602)
Update Size 984.4mb
BridgeOS Version 17.16.10572
Original Patch Notes
Product ID = 061-18879
10.15.0 (19A603)
Update Size 985.4mb = 1mb Larger
BridgeOS Version 17.16.10572 = Same
Patch Notes = Same
Product ID = 061-18879 = Same
Will the Re-Released Update (19A603) show up in Software Update for (19A583) Users?
Yes
Will the Re-Released Update (19A603) show up in Software Update for (19A602) Users?
No
BridgeOS update
BridgeOS was NOT updated in the Re-Released Catalina Supplemental Update (19A603). It shows as Build Version 6.
New and Previous Build Versions of 10.15
10.15.0 = (19A603) October 21st 2019
10.15.0 = (19A602) October 15th 2019
10.15.0 = (19A583) October 7th 2019
If I deployed/cached the old 10.15 (19A602) Installer.app for OS Upgrades, do I need to redeploy?
Do I have to replace my deployable 10.15 Installer.app?– Probably Not
If you deployed the old version of the 10.15 (19A602) Installer, you most likely do not need the new (19A603) Version. As noted above, Apple did not change the patch notes and did not mention any changes to this Build Version. The Update most likely has only very minor changes.
If I deployed/cached the old 10.15 (19A583) Installer.app for OS Upgrades, do I need to redeploy?
Do I have to replace my deployable 10.15 Installer.app?– Yes
If you deployed the old version of the 10.15 (19A583) Installer, you should update it to the new (19A603). If you don’t your users will have to install the New Catalina Supplemental Update after installing or upgrading.
What’s included in the Catalina 10.15 Supplemental Update?
NOTE: The patch notes for (19A602) are exactly the same as (19A603)
The macOS Catalina 10.15 Supplemental update includes installation and reliability improvements, and is recommended for all users. This update:
This update: – Improves installation reliability of macOS Catalina on Macs with low disk space – Fixes an issue that prevented Setup Assistant from completing during some installations – Resolves an issue that prevents accepting iCloud Terms and Conditions when multiple iCloud accounts are logged in – Improves the reliability of saving Game Center data when playing Apple Arcade games offline
10.15 Supplemental Update Links
Catalina Supplemental Update = Will update when download link becomes available.
