macOS Catalina Security Update 2021-008 (19H1615) is recommended for all users and improves the security of macOS.

This update includes the following improvements:

Kernel

  • Available for: macOS Catalina
  • Impact: A malicious application may be able to execute arbitrary code with kernel privileges
  • Description: A buffer overflow issue was addressed with improved memory handling.
  • CVE-2022-22593: Peter Nguy...n Vũ Hoàng of STAR Labs

Model I/O

  • Available for: macOS Catalina
  • Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution
  • Description: An information disclosure issue was addressed with improved state management.
  • CVE-2022-22579: Mickey Jin (@patch1t) of Trend Micro

PackageKit

  • Available for: macOS Catalina
  • Impact: An application may be able to access restricted files
  • Description: A permissions issue was addressed with improved validation.
  • CVE-2022-22583: an anonymous researcher, Ron Hass (@ronhass7) of Perception Point, Mickey Jin (@patch1t)

Sandbox

  • Available for: macOS Catalina
  • Impact: A malicious application may be able to bypass certain Privacy preferences
  • Description: A logic issue was addressed with improved restrictions.
  • CVE-2021-30946: an anonymous researcher, @gorelics

TCC

  • Available for: macOS Catalina
  • Impact: A malicious application may be able to bypass certain Privacy preferences
  • Description: This issue was addressed with improved checks.
  • CVE-2021-30972: Xuxiang Yang (@another1024), Zhipeng Huo (@R3dF09), and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Wojciech Reguła (@_r3ggi), jhftss (@patch1t), Csaba Fitzl (@theevilbit) of Offensive Security

Apple macOS Security Updates for previous versions: