Apple today released macOS Sonoma 14.1.2, a security update to the macOS Sonoma operating system that Apple released in September.
The macOS Sonoma 14.1.2 update can be downloaded and installed on all eligible Macs using the “Software Update” section of “System Settings.”
Today’s update includes bug fixes and security updates according to Apple.
This update provides important bug fixes and security updates and is recommended for all users.
Some features may not be available for all regions, or on all Apple devices. For detailed information about the security content of this update, please visit: https://support.apple.com/kb/HT201222
According to Apple’s security support page, the update fixes two vulnerabilities that Apple says were exploited on previous versions of iOS earlier than iOS 16.7.1.
Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Michael Covington, VP of Portfolio Strategy at Jamf commented on today’s release, as well as the iOS 17.1.2 and iPadOS 17.1.2, security updates released today that address the same security flaws in iOS and iPadOS.
These latest OS updates, which address bugs in Apple’s WebKit, show that attackers continue to focus on exploiting the framework that downloads and presents web-based content. The latest bugs could lead to both data leakage and arbitrary code execution, and appear to be tied to targeted attacks that are common against high-risk users.
Despite these vulnerabilities being actively exploited, Apple continues to rapidly respond to address product issues. In addition to maintaining their own monitoring mechanisms to detect malicious activity, Apple collaborates with researchers in the community and runs an active bug bounty program.
Though these patches validate that Apple devices are not immune to cyber threats, the patching process is helping to reduce the attack surface. Now that the patches are issued, it is up to users, and organizations that utilize Apple devices for work, to update their devices and monitor for compliance to ensure that all critical devices are no longer vulnerable as soon as possible.
Apple currently has a major macOS Sonoma 14.2 update in beta testing.