Major security bug fixed in MacOS11.2 - Update now

Major security bug fixed in MacOS11.2 - Update now

Download macOS Big Sur 11.2 now. Trust us, you'll be glad you did.

Released on Monday (February 1), the update appears to be a small update on paper, but it contains fixes for a large number of security flaws.

Apple's security notes list 57 different CVE (common vulnerabilities and exposures) issues that are addressed in this update. You don't need to know all of them, but there are a few issues important enough to click download.

The most dangerous issues are five different flaws that could allow a malicious attacker to elevate system privileges and wreak havoc.

As is standard Apple policy, these fixes will also be released for systems running two previous macOS versions, if applicable: macOS Catalina 10.15.7 and Mojave 10.14.6.

These flaws, which are less likely to allow a local attacker to disrupt your system, have been patched in Crash Reporter, Endpoint Security, and IOSkywalkFamily. The more dangerous privilege escalation flaws were found in the kernel and power management, and both were patched, although Apple noted that it is aware of reports claiming that the former problem "could have been actively exploited"

.

Several other fixes have been made to the kernel. Two cases where malicious applications can execute arbitrary code with kernel-level (i.e., macOS core) privileges have been patched.

Another major alert from Apple's security note is in the message. While this is strictly a privacy concern, Apple notes that "users who have been removed from an iMessage group may rejoin the group. We are not doing that - it's just a hypothetical.

However, Big Sur 11.2 does not address a serious flaw that was discovered the day after the update was released. The vulnerability, first discovered on Linux systems, allows a limited number of user accounts to gain full control of a Mac, which can be exploited by malware or remote attackers.

Fortunately, updating a Mac to BigSur 11.2 is very easy. An optional piece of advice is to back up your system regularly and make sure you have a backup before updating. This is more of an issue with larger updates, but it is a good practice.

The full macOS 11.2 release notes note that Apple has resolved five other issues, including the external display issue, the ProRaw photo resolution, and the annoying bug where the administrator password would not unlock System Preferences.

Categories