Monterey 12.5.1

Hi,

Any update on the release for the Mac Monterey 12.5.1 patch? there are high 0 days vulns

Thanks.

1 Like

Any updates?
This a zero-day vulnerability that needs quick attention

Yes that was announced about the same time you were posting Content Release: Patches for Mac OS published 2022-08-19

The fixlets are for Catalina and BigSur, the vulnerabilities seems to affect systems running Monterey

Ah, my mistake, will inquire

I believe BigFix has never (yet?) posted content for Monterey updates.

I believe they (Apple) changed some things with their update process after Monterey but everything I’ve read makes it seem that nothing really gets it done very good. I can run “softwareupdate --install -a --force --agree-to-license” from a terminal window and get it to force a software update check and automatically download all updates but I can’t seem to get it to run on the machine through bigfix either.
My thought was that I could Setup a message to prompt them to initiate the upgrade then give them 8 hours before it runs automatically to allow them to get done with work. But so far i haven’t been able to get that command to run successfully in the background or in user context.

I realize now, the issue of Monterey on Apple Silicon is to do with volume ownership.

Volume ownership
Mac computers with Apple silicon introduce the concept of volume ownership. Volume ownership in an organizational context isn’t tied to the true legal ownership or chain of custody of the Mac. Instead, volume ownership can loosely be defined as the user who first claimed a Mac by configuring it for their own use, along with any additional users. You must be a volume owner to make changes to the startup security policy for a specific install of macOS, authorize the installation of macOS software updates and upgrades, initiate an Erase All Content and Settings, and more. The startup security policy defines the restrictions around which versions of macOS can boot, as well as how and if third-party kernel extensions can be loaded or managed.

Thanks for your replies!

Is there a roadmap on when Monterey patches will be available in bigfix platform? My mgmt is asking.

Thanks.

Even with that though, you would think that you could still initiate updates for intel based Mac’s or execute the update process in user context. It seems like this is a common issue with any Mac management tool though. Even Mac Admins with JAMF recommend to use Nudge which from everything i’ve read just constantly nags the user until they update it themselves. I can’t imagine the ugly looks I’d receive if I floated that idea to our security team regarding windows machines. No… we decided to just not do OS updates any more, we going to just nag the users until they update the computer themselves.