MacOS Security Updates – Mojave 2020-002 & High Sierra 2020-002

Today, Apple released macOS Mojave Security Update 2020-002 and High Sierra Security Update 2020-002. Below you will find Build Versions, Download Links, Update Sizes and previous Security Update Links. MacOS Sierra is no longer supported by Apple for Security Updates.

How do I keep track of all the macOS Build Versions?

I document all of the macOS Build Versions, such as the latest Mojave 2020-002 and High Sierra 2020-002, along with most Apple Applications, XProtect, Gatekeeper and MRT updates, in one database. You can check out the link below.

mrmacintosh.com/macos-system-status-version-info-for-macadmins/

MacOS Mojave Security Update 2020-002 (18G4032)

Information on the Security fixes included in the 2020-002 Mojave Security Update

MacOS High Sierra Security Update 2020-002 (17G12034)

Information on the Security fixes included in the 2020-002 High Sierra Security Update

Safari Update

Safari was updated to version 13.1

Download Size for High Sierra = 66.2 MB

Download Size for Mojave = 70.5 MB

T2 BridgeOS Update

Both the Mojave 2020-002 and High Sierra 2020-002 Security Updates upgrade BridgeOS to version 17.16.14263

Security Content for Safari 13.1

https://support.apple.com/en-us/HT211104

Previous Releases

Security Related Content for 2020-002

Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra

Released March 24, 2020

AppleGraphicsControl

Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: Multiple memory corruption issues were addressed with improved state management.

CVE-2020-3904: Proteas of Qihoo 360 Nirvan Team

Bluetooth

Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3

Impact: A local user may be able to cause unexpected system termination or read kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2020-3907: Yu Wang of Didi Research America

CVE-2020-3908: Yu Wang of Didi Research America

CVE-2020-3912: Yu Wang of Didi Research America

Bluetooth

Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.3

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2020-3892: Yu Wang of Didi Research America

CVE-2020-3893: Yu Wang of Didi Research America

CVE-2020-3905: Yu Wang of Didi Research America

Bluetooth

Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2019-8853: Jianjun Dai of Qihoo 360 Alpha Lab

IOHIDFamily

Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory initialization issue was addressed with improved memory handling.

CVE-2020-3919: an anonymous researcher

IOThunderboltFamily

Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6

Impact: An application may be able to gain elevated privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2020-3851: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington

Kernel

Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3

Impact: An application may be able to read restricted memory

Description: A memory initialization issue was addressed with improved memory handling.

CVE-2020-3914: pattern-f (@pattern_F_) of WaCai

libxml2

Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3

Impact: Multiple issues in libxml2

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2020-3909: LGTM.com

CVE-2020-3911: found by OSS-Fuzz

libxml2

Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3

Impact: Multiple issues in libxml2

Description: A buffer overflow was addressed with improved size validation.

CVE-2020-3910: LGTM.com

Mail

Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.3

Impact: A remote attacker may be able to cause arbitrary JavaScript code execution

Description: An injection issue was addressed with improved validation.

CVE-2020-3884: Apple

TCC

Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.3

Impact: A maliciously crafted application may be able to bypass code signing enforcement

Description: A logic issue was addressed with improved restrictions.

CVE-2020-3906: Patrick Wardle of Jamf



13 thoughts on “MacOS Security Updates – Mojave 2020-002 & High Sierra 2020-002”

  1. After Safari is used in Mojave, and Mac mini 2018 is put to sleep, it always crashes and reboots after about two minutes. Or after using Safari, and doing a shutdown and a cold-boot, a crash report is always issued.

    These Mac mini 2018 Mojave sleep/shutdown crashes started after the recent macOS 10.15.4 update or Security Update 2020-002 Mojave which updated firmware to Boot ROM Version: 1037.100.359.0.0 (iBridge: 17.16.14263.0.0,0). macOS 10.15.4 Supplemental update updated it to Boot ROM Version: 1037.100.362.0.0 (iBridge: 17.16.14281.0.0,0) but the same sleep/shutdown crashes persist in Mojave (no crashes in Catalina).

    Disconnecting peripherals, resetting SMC, PRAM, safe-boot, Disk First Aid or even a clean install to macOS 10.14.6 and Safari 12.1.2 does not help.

    I now use Chrome with no crashes. A few times after I have accidentally launched Safari, the Mac mini 2018 always crashes in the described manner.

    1. I made the experience with a new Mac mini 2018. If I do not use Safari, I do not get the crash report. It is odd. I will try another browser.

  2. I am running a mid 2012 MacBook Pro with High Sierra. I have twice done “download and Install” of Security Update 2020-002 10.13.6

    Both times after trying to install, it says it can’t be installed on this computer.

    1. John, was that with the app store or softwareupdate? You could try the package download, I included a link in the article. Maybe that will work?

  3. I have the exact same problem as Tom, my Mac mini is now crashing four times a day or more…

  4. Hello Mr. Macintosh,

    thank you for your reply. The error message shows up every time I press the power button when the Mac mini has been shut down. The kernel message does NOT show up after reboot. I have also done a clean install of macOS Mojave 10.14.6 without Security Update 2020-002. As soon as I install the Security Update 2020-002 the annoying crash report shows up again.

    Multiple people also reported this issue on the MacRumors Forum https://forums.macrumors.com/threads/mac-mini-2018-kernel-panic-bug_type-210-after-security-update-2020-002.2228812/

    The Diagnostic Report reads as follows:

    ```
    {"caused_by":"bridgeos","macos_system_state":"shutdown","bug_type":"210","os_version":"Bridge OS 4.4 (17P4263)","timestamp":"2020-03-28 22:10:39.00 +0000","incident_id":"907CAD79-9364-4588-A25A-3810D0E72F8F"}
    {
    "build" : "Bridge OS 4.4 (17P4263)",
    "product" : "iBridge2,5",
    "kernel" : "Darwin Kernel Version 19.4.0: Mon Mar 2 20:38:56 PST 2020; root:xnu-6153.101.6~2\/RELEASE_ARM64_T8010",
    "incident" : "907CAD79-9364-4588-A25A-3810D0E72F8F",
    "crashReporterKey" : "c0dec0dec0dec0dec0dec0dec0dec0dec0de0001",
    ```

    1. Update April 11, 2020: I did some further testing regarding my initial issue. I have restored from a previous system backup using SuperDuper. This backup clone does NOT include the Security Update 2020-002 Mojave and Safari 13.1. Surprisingly the shutdown message still shows up sporadically when I power on the Mac mini. I have completely shut down my Mac mini 2018 around 10 times. I have waited 5-10 minutes. 4 of 10 times the crash report showed up. It’s really difficult to debug. What’s interesting is the macOS Mojave Software Update does not show the Security Update 2020-002. So it seems to be already applied. I guess it is definitely related to the T2 BridgeOS Update or other firmware settings which have been patched during the Security Update 2020-002. Restoring from a 4-week-old system backup does not resolve my issue.

      This is a real bummer. I wish Apple would spend more time on testing. So far I haven’t heard back from my Apple Bug Report #FB7646566.

      1. I am pleased to confirm that BridgeOS firmware version 18.16.12561 fixes the Kernel panic bug_type 210 on a Mac mini 2018.

        **Solution:**
        Installing Big Sur on a separate volume updates the BridgeOS firmware to version 18.16.12561. When you reboot back into Mojave you no longer experience the error message on cold reboot. After 7 months Apple finally fixed the issue. Apple never replied to any of my Bug Reports.

        Note: Installing Security Update 2020-006 on macOS Mojave 10.4.6 does not fix the Kernel panic bug_type 210. You have to install Big Sur on an external drive prior to going back to your Mojave installation.

  5. Whenever I try to download and update to 10.14.6 it comes up with “network connection was lost” even though wifi is working.

  6. Thanks for sharing your article. Since installing the Mojave Security Update 2020-002 I do get a message that my Mac Mini 2018 was restarted because of a problem even though I shut it down normally. The error message shows up every time I press the Mac mini power button on cold boot. The kernel message does NOT show up after reboot. The Mac Mini 2018 was running fine for 3 months. The Apple Hardware Check does not show any errors. Also tried to reset SMC and PRAM.

    Is this a known bug? Just curious whether Mac mini 2018 users who also installed Apple’s Security Update 2020-002 do see the same error message?

    1. Hello Tom,

      Take a look in /Library/Logs/DiagnosticReports or check the console.app. You are looking for any .panic files. Maybe the system is getting a Kernel Panic when it comes out of sleep or when you are not on the device. Looking at the log will help understand what’s going on and what time the Mac Restarted.

    2. Having the same issue on my previously rock solid 2018 mac mini running Mojave. The log seems to point to a bridge os issue.
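
The log check suggested in the thread above (look in /Library/Logs/DiagnosticReports for .panic files and read off the cause and time), written out as an added example that is not part of the original post or its comments. It assumes each report starts with a one-line JSON header like the excerpt quoted in the thread; the function names and the two extra sample reports are constructed for illustration.

```python
import json
from pathlib import Path

# Header line quoted in the comment thread (typographic quotes normalised).
PAGE_HEADER = ('{"caused_by":"bridgeos","macos_system_state":"shutdown",'
               '"bug_type":"210","os_version":"Bridge OS 4.4 (17P4263)",'
               '"timestamp":"2020-03-28 22:10:39.00 +0000",'
               '"incident_id":"907CAD79-9364-4588-A25A-3810D0E72F8F"}')
# Constructed samples: a header blaming macOS, and a report with no JSON header.
CONSTRUCTED_MACOS = ('{"caused_by":"macos","macos_system_state":"running",'
                     '"bug_type":"210","timestamp":"2020-03-27 08:00:00.00 +0000"}')
CONSTRUCTED_PLAIN = "Anonymous UUID: 00000000-0000-0000-0000-000000000000\n"

def parse_header(text):
    """Return the one-line JSON header as a dict, or None if absent or damaged."""
    lines = text.lstrip().splitlines()
    first = lines[0] if lines else ""
    for quote in "\u201c\u201d\u2033":  # quotes mangled by pasting through a web form
        first = first.replace(quote, '"')
    try:
        header = json.loads(first)
    except json.JSONDecodeError:
        return None
    return header if isinstance(header, dict) else None

def triage(report_dir, pattern="*.panic"):
    """Summarise every report in report_dir, oldest first (unparsed ones sort first)."""
    rows = []
    for path in sorted(Path(report_dir).glob(pattern)):
        header = parse_header(path.read_text(encoding="utf-8", errors="replace"))
        if header is None:
            rows.append({"file": path.name, "origin": "unparsed", "timestamp": ""})
            continue
        rows.append({
            "file": path.name,
            "origin": header.get("caused_by", "unknown"),
            "state": header.get("macos_system_state", "unknown"),
            "bug_type": header.get("bug_type", "unknown"),
            "os_version": header.get("os_version", "unknown"),
            "timestamp": header.get("timestamp", ""),
        })
    # String sort is chronological only while all timestamps share one UTC offset.
    return sorted(rows, key=lambda r: r["timestamp"])

def bridgeos_at_shutdown(rows):
    """Reports matching the pattern in this thread: bridgeOS-caused, during shutdown."""
    return [r for r in rows if r["origin"] == "bridgeos" and r.get("state") == "shutdown"]

if __name__ == "__main__":
    for row in triage("/Library/Logs/DiagnosticReports"):
        print(row)
```

Comparing the `os_version` and `timestamp` of the filtered rows against the dates updates were installed shows whether the panics line up with a particular BridgeOS build.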
