macOS Catalina Security Update 2021-008 (19H1615) is recommended for all users and improves the security of macOS.
This update includes the following improvements:
Kernel
- Available for: macOS Catalina
- Impact: A malicious application may be able to execute arbitrary code with kernel privileges
- Description: A buffer overflow issue was addressed with improved memory handling.
- CVE-2022-22593: Peter Nguy...n Vũ Hoàng of STAR Labs
Model I/O
- Available for: macOS Catalina
- Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution
- Description: An information disclosure issue was addressed with improved state management.
- CVE-2022-22579: Mickey Jin (@patch1t) of Trend Micro
PackageKit
- Available for: macOS Catalina
- Impact: An application may be able to access restricted files
- Description: A permissions issue was addressed with improved validation.
- CVE-2022-22583: an anonymous researcher, Ron Hass (@ronhass7) of Perception Point, Mickey Jin (@patch1t)
Sandbox
- Available for: macOS Catalina
- Impact: A malicious application may be able to bypass certain Privacy preferences
- Description: A logic issue was addressed with improved restrictions.
- CVE-2021-30946: an anonymous researcher, @gorelics
TCC
- Available for: macOS Catalina
- Impact: A malicious application may be able to bypass certain Privacy preferences
- Description: This issue was addressed with improved checks.
- CVE-2021-30972: Xuxiang Yang (@another1024), Zhipeng Huo (@R3dF09), and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Wojciech Reguła (@_r3ggi), jhftss (@patch1t), Csaba Fitzl (@theevilbit) of Offensive Security
Apple macOS Security Updates for previous versions:
- Apple macOS Security Update Mavericks 2016-004
- Apple macOS Security Update Mountain Lion 2015-006
- Apple macOS Security Update Mac EFI Security Update 2015-002
- Apple macOS Security Update Server Lion 2014-004
- Apple macOS Security Update Lion 2017-004
- Apple macOS Security Update Snow Leopard 2013-004
- Apple macOS Security Update Leopard 2012-003
- Apple macOS Security Update Tiger Intel 2009-005
- Apple macOS Security Update Tiger PPC 2009-005